This report contains detail for the following vulnerabilities:
| CVE Issued by | Tag | CVE ID | CVE Title |
|---|---|---|---|
| Microsoft | Azure Data Science Virtual Machines | CVE-2024-37325 | Azure Science Virtual Machine (DSVM) Elevation of Privilege Vulnerability |
| Microsoft | Azure File Sync | CVE-2024-35253 | Microsoft Azure File Sync Elevation of Privilege Vulnerability |
| Microsoft | Azure Monitor | CVE-2024-35254 | Azure Monitor Agent Elevation of Privilege Vulnerability |
| Microsoft | Azure SDK | CVE-2024-35255 | Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability |
| Microsoft | Azure Storage Library | CVE-2024-35252 | Azure Storage Movement Client Library Denial of Service Vulnerability |
| Microsoft | Dynamics Business Central | CVE-2024-35249 | Microsoft Dynamics 365 Business Central Remote Code Execution Vulnerability |
| Microsoft | Dynamics Business Central | CVE-2024-35248 | Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability |
| infosec@edk2.groups.io | Mariner | CVE-2024-1298 | Unknown |
| cve@mitre.org | Mariner | CVE-2019-19646 | Unknown |
| cve@mitre.org | Mariner | CVE-2019-20503 | Unknown |
| cve@checkpoint.com | Mariner | CVE-2019-8457 | Unknown |
| cve@mitre.org | Mariner | CVE-2020-11655 | Unknown |
| cve@mitre.org | Mariner | CVE-2019-9741 | Unknown |
| cve@mitre.org | Mariner | CVE-2020-13631 | Unknown |
| cve@mitre.org | Mariner | CVE-2020-13630 | Unknown |
| cve@mitre.org | Mariner | CVE-2020-13632 | Unknown |
| cve@mitre.org | Mariner | CVE-2019-19645 | Unknown |
| cve@mitre.org | Mariner | CVE-2020-15586 | Unknown |
| cve@mitre.org | Mariner | CVE-2021-3115 | Unknown |
| cve@mitre.org | Mariner | CVE-2020-11656 | Unknown |
| cve@mitre.org | Mariner | CVE-2019-14274 | Unknown |
| cve@mitre.org | Mariner | CVE-2018-20505 | Unknown |
| cve@mitre.org | Mariner | CVE-2019-13636 | Unknown |
| cve@mitre.org | Mariner | CVE-2018-20506 | Unknown |
| cve@mitre.org | Mariner | CVE-2020-18032 | Unknown |
| cve@mitre.org | Mariner | CVE-2018-20346 | Unknown |
| cve@mitre.org | Mariner | CVE-2018-20169 | Unknown |
| cve@mitre.org | Mariner | CVE-2018-1999023 | Unknown |
| cve@mitre.org | Mariner | CVE-2018-20969 | Unknown |
| cve@mitre.org | Mariner | CVE-2018-1000097 | Unknown |
| secalert_us@oracle.com | Mariner | CVE-2017-3612 | Unknown |
| cve@mitre.org | Mariner | CVE-2018-1000035 | Unknown |
| cve@mitre.org | Mariner | CVE-2015-7696 | Unknown |
| secalert@redhat.com | Mariner | CVE-2015-5157 | Unknown |
| cve@mitre.org | Mariner | CVE-2019-13638 | Unknown |
| cve@mitre.org | Mariner | CVE-2021-26720 | Unknown |
| security@apache.org | Mariner | CVE-2021-36373 | Unknown |
| secalert@redhat.com | Mariner | CVE-2021-3468 | Unknown |
| openssl-security@openssl.org | Mariner | CVE-2022-4450 | Unknown |
| secalert@redhat.com | Mariner | CVE-2022-4415 | Unknown |
| cve-assignments@hackerone.com | Mariner | CVE-2022-43551 | Unknown |
| security@golang.org | Mariner | CVE-2022-41723 | Unknown |
| cve@mitre.org | Mariner | CVE-2022-40320 | Unknown |
| security@golang.org | Mariner | CVE-2022-41717 | Unknown |
| security-advisories@github.com | Mariner | CVE-2022-39353 | Unknown |
| cve@mitre.org | Mariner | CVE-2022-37616 | Unknown |
| cve@mitre.org | Mariner | CVE-2022-37434 | Unknown |
| infosec@edk2.groups.io | Mariner | CVE-2022-36764 | Unknown |
| infosec@edk2.groups.io | Mariner | CVE-2022-36765 | Unknown |
| support@hackerone.com | Mariner | CVE-2022-35260 | Unknown |
| cve@mitre.org | Mariner | CVE-2021-27378 | Unknown |
| cve@mitre.org | Mariner | CVE-2022-31394 | Unknown |
| cve@mitre.org | Mariner | CVE-2022-28805 | Unknown |
| security@ubuntu.com | Mariner | CVE-2022-28734 | Unknown |
| security@ubuntu.com | Mariner | CVE-2022-28733 | Unknown |
| cve@mitre.org | Mariner | CVE-2022-28391 | Unknown |
| openssl-security@openssl.org | Mariner | CVE-2022-2097 | Unknown |
| security@huntr.dev | Mariner | CVE-2022-1996 | Unknown |
| cve@mitre.org | Mariner | CVE-2021-44716 | Unknown |
| cve@mitre.org | Mariner | CVE-2021-45985 | Unknown |
| secalert@redhat.com | Mariner | CVE-2021-3981 | Unknown |
| cve@mitre.org | Mariner | CVE-2021-38190 | Unknown |
| vultures@jpcert.or.jp | Mariner | CVE-2015-2987 | Unknown |
| secalert@redhat.com | Mariner | CVE-2021-3502 | Unknown |
| cve@mitre.org | Mariner | CVE-2022-29526 | Unknown |
| cve@mitre.org | Mariner | CVE-2014-9636 | Unknown |
| secalert@redhat.com | Mariner | CVE-2014-8139 | Unknown |
| secalert@redhat.com | Mariner | CVE-2014-8141 | Unknown |
| secalert@redhat.com | Mariner | CVE-2024-2494 | Unknown |
| security@php.net | Mariner | CVE-2024-2408 | Unknown |
| security-advisories@github.com | Mariner | CVE-2024-22189 | Unknown |
| support@hackerone.com | Mariner | CVE-2024-22025 | Unknown |
| ykramarz@cisco.com | Mariner | CVE-2024-20328 | Unknown |
| secalert@redhat.com | Mariner | CVE-2024-2002 | Unknown |
| security@php.net | Mariner | CVE-2024-1874 | Unknown |
| cna@python.org | Mariner | CVE-2023-6597 | Unknown |
| secalert@redhat.com | Mariner | CVE-2023-7250 | Unknown |
| secalert@redhat.com | Mariner | CVE-2023-3966 | Unknown |
| cve@kernel.org | Mariner | CVE-2024-36971 | Unknown |
| cve@kernel.org | Mariner | CVE-2024-36902 | Unknown |
| security-advisories@github.com | Mariner | CVE-2024-25110 | Unknown |
| cve@kernel.org | Mariner | CVE-2024-36023 | Unknown |
| secalert@redhat.com | Mariner | CVE-2023-6246 | Unknown |
| secalert@redhat.com | Mariner | CVE-2023-6779 | Unknown |
| facts@wolfssl.com | Mariner | CVE-2024-0901 | Unknown |
| security-advisories@github.com | Mariner | CVE-2024-27304 | Unknown |
| cve@mitre.org | Mariner | CVE-2008-2149 | Unknown |
| cve@mitre.org | Mariner | CVE-2019-19977 | Unknown |
| secalert@redhat.com | Mariner | CVE-2004-2771 | Unknown |
| cve@mitre.org | Mariner | CVE-2008-3908 | Unknown |
| cve@mitre.org | Mariner | CVE-2016-7567 | Unknown |
| secalert@redhat.com | Mariner | CVE-2022-2990 | Unknown |
| secalert@redhat.com | Mariner | CVE-2014-3618 | Unknown |
| cve@mitre.org | Mariner | CVE-2019-17362 | Unknown |
| security@golang.org | Mariner | CVE-2021-4238 | Unknown |
| security-advisories@github.com | Mariner | CVE-2024-25629 | Unknown |
| security-advisories@github.com | Mariner | CVE-2024-26147 | Unknown |
| security-advisories@github.com | Mariner | CVE-2024-27099 | Unknown |
| secalert@redhat.com | Mariner | CVE-2014-8140 | Unknown |
| secalert@redhat.com | Mariner | CVE-2022-4515 | Unknown |
| chrome-cve-admin@google.com | Mariner | CVE-2014-3185 | Unknown |
| secalert@redhat.com | Mariner | CVE-2014-0069 | Unknown |
| secalert@redhat.com | Mariner | CVE-2013-6381 | Unknown |
| secalert@redhat.com | Mariner | CVE-2013-4342 | Unknown |
| secalert@redhat.com | Mariner | CVE-2013-4420 | Unknown |
| cve@mitre.org | Mariner | CVE-2010-2891 | Unknown |
| oss-report@checkmarx.com | Mariner | CVE-2024-4068 | Unknown |
| cve@mitre.org | Mariner | CVE-2012-6687 | Unknown |
| secalert@redhat.com | Mariner | CVE-2008-0888 | Unknown |
| cve@mitre.org | Mariner | CVE-2024-38428 | Unknown |
| cve@mitre.org | Mariner | CVE-2007-2768 | Unknown |
| security@php.net | Mariner | CVE-2024-5585 | Unknown |
| security@php.net | Mariner | CVE-2024-5458 | Unknown |
| cve@mitre.org | Mariner | CVE-2024-37535 | Unknown |
| security@hashicorp.com | Mariner | CVE-2024-3817 | Unknown |
| secalert@redhat.com | Mariner | CVE-2024-5564 | Unknown |
| security-advisories@github.com | Mariner | CVE-2024-34064 | Unknown |
| security-advisories@github.com | Mariner | CVE-2024-32465 | Unknown |
| security-advisories@github.com | Mariner | CVE-2024-32021 | Unknown |
| security-advisories@github.com | Mariner | CVE-2024-32020 | Unknown |
| secalert@redhat.com | Mariner | CVE-2024-3154 | Unknown |
| security-advisories@github.com | Mariner | CVE-2024-28180 | Unknown |
| security-advisories@github.com | Mariner | CVE-2024-28110 | Unknown |
| support@hackerone.com | Mariner | CVE-2024-27983 | Unknown |
| support@hackerone.com | Mariner | CVE-2024-27982 | Unknown |
| cve@mitre.org | Mariner | CVE-2014-9913 | Unknown |
| cve@mitre.org | Mariner | CVE-2022-48285 | Unknown |
| openssl-security@openssl.org | Mariner | CVE-2023-0286 | Unknown |
| secalert@redhat.com | Mariner | CVE-2022-4904 | Unknown |
| security-advisories@github.com | Mariner | CVE-2024-24806 | Unknown |
| cve@mitre.org | Mariner | CVE-2024-29158 | Unknown |
| security-advisories@github.com | Mariner | CVE-2024-24758 | Unknown |
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | Mariner | CVE-2024-27078 | Unknown |
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | Mariner | CVE-2024-27058 | Unknown |
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | Mariner | CVE-2024-27037 | Unknown |
| security-advisories@github.com | Mariner | CVE-2024-24557 | Unknown |
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | Mariner | CVE-2024-27045 | Unknown |
| cve@mitre.org | Mariner | CVE-2024-24259 | Unknown |
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | Mariner | CVE-2024-27051 | Unknown |
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | Mariner | CVE-2024-27061 | Unknown |
| security-advisories@github.com | Mariner | CVE-2024-23652 | Unknown |
| cve@mitre.org | Mariner | CVE-2024-29159 | Unknown |
| cve@mitre.org | Mariner | CVE-2024-24258 | Unknown |
| security-advisories@github.com | Mariner | CVE-2024-23653 | Unknown |
| security-advisories@github.com | Mariner | CVE-2024-23650 | Unknown |
| security-advisories@github.com | Mariner | CVE-2024-23651 | Unknown |
| security@ubuntu.com | Mariner | CVE-2024-2313 | Unknown |
| openssl-security@openssl.org | Mariner | CVE-2023-6237 | Unknown |
| security-officer@isc.org | Mariner | CVE-2023-6516 | Unknown |
| openssl-security@openssl.org | Mariner | CVE-2023-6129 | Unknown |
| security@google.com | Mariner | CVE-2023-6111 | Unknown |
| cve@mitre.org | Mariner | CVE-2023-51779 | Unknown |
| cve@mitre.org | Mariner | CVE-2023-52071 | Unknown |
| cve@mitre.org | Mariner | CVE-2023-51764 | Unknown |
| cve@mitre.org | Mariner | CVE-2023-51714 | Unknown |
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | Mariner | CVE-2024-27038 | Unknown |
| cve@mitre.org | Mariner | CVE-2023-51385 | Unknown |
| cve@kernel.org | Mariner | CVE-2024-26581 | Unknown |
| cve@mitre.org | Mariner | CVE-2024-26455 | Unknown |
| secalert@redhat.com | Mariner | CVE-2023-4001 | Unknown |
| secalert@redhat.com | Mariner | CVE-2023-6780 | Unknown |
| security@vmware.com | Mariner | CVE-2019-5544 | Unknown |
| security@elastic.co | Mariner | CVE-2022-0699 | Unknown |
| cve@mitre.org | Mariner | CVE-2017-16844 | Unknown |
| cve@mitre.org | Mariner | CVE-2024-32613 | Unknown |
| cve@mitre.org | Mariner | CVE-2024-32611 | Unknown |
| cve@mitre.org | Mariner | CVE-2024-32614 | Unknown |
| cve@mitre.org | Mariner | CVE-2024-32612 | Unknown |
| cve@mitre.org | Mariner | CVE-2024-32609 | Unknown |
| cve@mitre.org | Mariner | CVE-2024-32610 | Unknown |
| cve@mitre.org | Mariner | CVE-2024-31744 | Unknown |
| security-advisories@github.com | Mariner | CVE-2024-25620 | Unknown |
| cve@mitre.org | Mariner | CVE-2024-30205 | Unknown |
| cve@mitre.org | Mariner | CVE-2024-31852 | Unknown |
| security-advisories@github.com | Mariner | CVE-2024-29195 | Unknown |
| cve@mitre.org | Mariner | CVE-2024-29166 | Unknown |
| cve@mitre.org | Mariner | CVE-2024-29165 | Unknown |
| cve@kernel.org | Mariner | CVE-2024-26904 | Unknown |
| cve@kernel.org | Mariner | CVE-2024-26902 | Unknown |
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | Mariner | CVE-2024-26903 | Unknown |
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | Mariner | CVE-2024-26901 | Unknown |
| cve@kernel.org | Mariner | CVE-2024-26585 | Unknown |
| cve@kernel.org | Mariner | CVE-2024-26583 | Unknown |
| cve@mitre.org | Mariner | CVE-2024-29160 | Unknown |
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | Mariner | CVE-2024-26582 | Unknown |
| jordan@liggitt.net | Mariner | CVE-2024-3177 | Unknown |
| secalert@redhat.com | Mariner | CVE-2024-1454 | Unknown |
| security@google.com | Mariner | CVE-2024-1086 | Unknown |
| cve@mitre.org | Mariner | CVE-2023-51384 | Unknown |
| cve@mitre.org | Mariner | CVE-2023-29941 | Unknown |
| secalert@redhat.com | Mariner | CVE-2023-2977 | Unknown |
| secure@intel.com | Mariner | CVE-2023-28938 | Unknown |
| secure@intel.com | Mariner | CVE-2023-28736 | Unknown |
| support@hackerone.com | Mariner | CVE-2023-28320 | Unknown |
| support@hackerone.com | Mariner | CVE-2023-28319 | Unknown |
| security-advisories@github.com | Mariner | CVE-2023-27579 | Unknown |
| security@hashicorp.com | Mariner | CVE-2023-2816 | Unknown |
| support@hackerone.com | Mariner | CVE-2023-27536 | Unknown |
| support@hackerone.com | Mariner | CVE-2023-27535 | Unknown |
| support@hackerone.com | Mariner | CVE-2023-27534 | Unknown |
| support@hackerone.com | Mariner | CVE-2023-27533 | Unknown |
| security-advisories@github.com | Mariner | CVE-2023-31130 | Unknown |
| openssl-security@openssl.org | Mariner | CVE-2023-2650 | Unknown |
| report@snyk.io | Mariner | CVE-2023-26159 | Unknown |
| security-advisories@github.com | Mariner | CVE-2023-25801 | Unknown |
| security-advisories@github.com | Mariner | CVE-2023-25671 | Unknown |
| security-advisories@github.com | Mariner | CVE-2023-25663 | Unknown |
| cve-assignments@hackerone.com | Mariner | CVE-2023-23915 | Unknown |
| cve-assignments@hackerone.com | Mariner | CVE-2023-23914 | Unknown |
| secalert@redhat.com | Mariner | CVE-2023-2253 | Unknown |
| security-advisories@github.com | Mariner | CVE-2023-22466 | Unknown |
| secalert@redhat.com | Mariner | CVE-2023-1668 | Unknown |
| openssl-security@openssl.org | Mariner | CVE-2023-0464 | Unknown |
| openssl-security@openssl.org | Mariner | CVE-2024-4603 | Unknown |
| openssl-security@openssl.org | Mariner | CVE-2023-0215 | Unknown |
| security-advisories@github.com | Mariner | CVE-2023-26484 | Unknown |
| security-advisories@github.com | Mariner | CVE-2023-31147 | Unknown |
| security-advisories@github.com | Mariner | CVE-2023-32067 | Unknown |
| support@hackerone.com | Mariner | CVE-2023-32001 | Unknown |
| Microsoft | Mariner | CVE-2024-0985 | Unknown |
| cve@mitre.org | Mariner | CVE-2023-51257 | Unknown |
| secalert@redhat.com | Mariner | CVE-2024-1151 | Unknown |
| secalert@redhat.com | Mariner | CVE-2023-5115 | Unknown |
| secalert@redhat.com | Mariner | CVE-2023-50782 | Unknown |
| cve@mitre.org | Mariner | CVE-2023-50658 | Unknown |
| cve@mitre.org | Mariner | CVE-2023-49990 | Unknown |
| security-advisories@github.com | Mariner | CVE-2023-49083 | Unknown |
| cve@mitre.org | Mariner | CVE-2023-48795 | Unknown |
| openssl-security@openssl.org | Mariner | CVE-2023-4807 | Unknown |
| cve@mitre.org | Mariner | CVE-2023-47234 | Unknown |
| cve@mitre.org | Mariner | CVE-2023-47090 | Unknown |
| cve@mitre.org | Mariner | CVE-2023-47235 | Unknown |
| secalert@redhat.com | Mariner | CVE-2023-4693 | Unknown |
| security-advisories@github.com | Mariner | CVE-2023-47108 | Unknown |
| cve@mitre.org | Mariner | CVE-2023-46752 | Unknown |
| security-advisories@github.com | Mariner | CVE-2023-46129 | Unknown |
| security-advisories@github.com | Mariner | CVE-2023-46136 | Unknown |
| security-advisories@github.com | Mariner | CVE-2023-41051 | Unknown |
| secalert@redhat.com | Mariner | CVE-2023-40661 | Unknown |
| security@golang.org | Mariner | CVE-2023-3978 | Unknown |
| secalert@redhat.com | Mariner | CVE-2023-40660 | Unknown |
| cve@mitre.org | Mariner | CVE-2023-33460 | Unknown |
| cve-coordination@google.com | Mariner | CVE-2023-33953 | Unknown |
| security-officer@isc.org | Mariner | CVE-2023-3341 | Unknown |
| cve-coordination@google.com | Mariner | CVE-2023-32732 | Unknown |
| cve-coordination@google.com | Mariner | CVE-2023-32731 | Unknown |
| cve@mitre.org | Mariner | CVE-2022-48579 | Unknown |
| secalert@redhat.com | Mariner | CVE-2024-3727 | Unknown |
| security-advisories@github.com | Mariner | CVE-2024-34062 | Unknown |
| cve@mitre.org | Mariner | CVE-2024-33876 | Unknown |
| security@apache.org | Mariner | CVE-2021-36374 | Unknown |
| secalert@redhat.com | Mariner | CVE-2021-3697 | Unknown |
| cve@mitre.org | Mariner | CVE-2021-37501 | Unknown |
| cve@mitre.org | Mariner | CVE-2021-33391 | Unknown |
| securities@openeuler.org | Mariner | CVE-2021-33646 | Unknown |
| securities@openeuler.org | Mariner | CVE-2021-33644 | Unknown |
| securities@openeuler.org | Mariner | CVE-2021-33645 | Unknown |
| vulnreport@tenable.com | Mariner | CVE-2024-4323 | Unknown |
| securities@openeuler.org | Mariner | CVE-2021-33640 | Unknown |
| secalert@redhat.com | Mariner | CVE-2020-25657 | Unknown |
| cve@mitre.org | Mariner | CVE-2020-24370 | Unknown |
| secalert@redhat.com | Mariner | CVE-2020-27815 | Unknown |
| cve@mitre.org | Mariner | CVE-2020-28366 | Unknown |
| secalert_us@oracle.com | Mariner | CVE-2020-2981 | Unknown |
| security@kubernetes.io | Mariner | CVE-2020-8554 | Unknown |
| vuln@vdoo.com | Mariner | CVE-2020-27304 | Unknown |
| cve@mitre.org | Mariner | CVE-2020-22217 | Unknown |
| cve@mitre.org | Mariner | CVE-2020-13435 | Unknown |
| cve@mitre.org | Mariner | CVE-2020-13434 | Unknown |
| secalert_us@oracle.com | Mariner | CVE-2019-2708 | Unknown |
| secalert_us@oracle.com | Mariner | CVE-2019-3016 | Unknown |
| security-officer@isc.org | Mariner | CVE-2019-6470 | Unknown |
| cve@mitre.org | Mariner | CVE-2019-6293 | Unknown |
| cve@mitre.org | Mariner | CVE-2019-16168 | Unknown |
| cve@mitre.org | Mariner | CVE-2019-19391 | Unknown |
| cve@mitre.org | Mariner | CVE-2019-11834 | Unknown |
| cve@mitre.org | Mariner | CVE-2019-13232 | Unknown |
| secalert@redhat.com | Mariner | CVE-2021-3696 | Unknown |
| secalert@redhat.com | Mariner | CVE-2021-3695 | Unknown |
| cve-coordination@google.com | Mariner | CVE-2022-1941 | Unknown |
| secalert@redhat.com | Mariner | CVE-2022-0175 | Unknown |
| secalert@redhat.com | Mariner | CVE-2023-1393 | Unknown |
| cve@mitre.org | Mariner | CVE-2022-47085 | Unknown |
| cve@mitre.org | Mariner | CVE-2022-45873 | Unknown |
| openssl-security@openssl.org | Mariner | CVE-2022-4304 | Unknown |
| cve@mitre.org | Mariner | CVE-2022-42916 | Unknown |
| cve@mitre.org | Mariner | CVE-2022-42915 | Unknown |
| secalert@redhat.com | Mariner | CVE-2022-3854 | Unknown |
| secalert@redhat.com | Mariner | CVE-2022-3775 | Unknown |
| secalert@redhat.com | Mariner | CVE-2022-3821 | Unknown |
| secalert@redhat.com | Mariner | CVE-2022-3857 | Unknown |
| infosec@edk2.groups.io | Mariner | CVE-2022-36763 | Unknown |
| cna@vuldb.com | Mariner | CVE-2022-3563 | Unknown |
| secalert@redhat.com | Mariner | CVE-2022-3650 | Unknown |
| cve@mitre.org | Mariner | CVE-2019-11835 | Unknown |
| cve@mitre.org | Mariner | CVE-2022-33064 | Unknown |
| cve@mitre.org | Mariner | CVE-2022-34038 | Unknown |
| security@kubernetes.io | Mariner | CVE-2022-3162 | Unknown |
| security@golang.org | Mariner | CVE-2022-32149 | Unknown |
| security@golang.org | Mariner | CVE-2022-2879 | Unknown |
| security@ubuntu.com | Mariner | CVE-2022-28735 | Unknown |
| security@ubuntu.com | Mariner | CVE-2022-28736 | Unknown |
| security-advisories@github.com | Mariner | CVE-2022-21698 | Unknown |
| secalert@redhat.com | Mariner | CVE-2022-2601 | Unknown |
| security-advisories@github.com | Mariner | CVE-2022-24713 | Unknown |
| security-advisories@github.com | Mariner | CVE-2022-23639 | Unknown |
| secalert@redhat.com | Mariner | CVE-2022-0670 | Unknown |
| openssl-security@openssl.org | Mariner | CVE-2022-1292 | Unknown |
| secalert@redhat.com | Mariner | CVE-2022-0135 | Unknown |
| support@hackerone.com | Mariner | CVE-2022-32221 | Unknown |
| openssl-security@openssl.org | Mariner | CVE-2023-0465 | Unknown |
| cve@mitre.org | Mariner | CVE-2018-6952 | Unknown |
| cve@mitre.org | Mariner | CVE-2018-5996 | Unknown |
| security-advisories@github.com | Mariner | CVE-2024-30261 | Unknown |
| security@php.net | Mariner | CVE-2024-3096 | Unknown |
| security-advisories@github.com | Mariner | CVE-2024-30260 | Unknown |
| security-advisories@github.com | Mariner | CVE-2024-28849 | Unknown |
| security-advisories@github.com | Mariner | CVE-2024-27289 | Unknown |
| disclosure@hiddenlayer.com | Mariner | CVE-2024-27318 | Unknown |
| security@php.net | Mariner | CVE-2024-2756 | Unknown |
| 6f8de1f0-f67e-45a6-b68f-98777fdb759c | Mariner | CVE-2024-27322 | Unknown |
| disclosure@hiddenlayer.com | Mariner | CVE-2024-27319 | Unknown |
| openssl-security@openssl.org | Mariner | CVE-2024-2511 | Unknown |
| secalert@redhat.com | Mariner | CVE-2024-2496 | Unknown |
| support@hackerone.com | Mariner | CVE-2024-21892 | Unknown |
| support@hackerone.com | Mariner | CVE-2024-22019 | Unknown |
| support@hackerone.com | Mariner | CVE-2024-22017 | Unknown |
| secalert@redhat.com | Mariner | CVE-2024-21885 | Unknown |
| secalert@redhat.com | Mariner | CVE-2024-0874 | Unknown |
| secalert@redhat.com | Mariner | CVE-2024-1441 | Unknown |
| cna@python.org | Mariner | CVE-2024-0450 | Unknown |
| secalert@redhat.com | Mariner | CVE-2024-1013 | Unknown |
| zdi-disclosures@trendmicro.com | Mariner | CVE-2023-50229 | Unknown |
| psirt@us.ibm.com | Mariner | CVE-2023-43040 | Unknown |
| cve@mitre.org | Mariner | CVE-2023-52890 | Unknown |
| openssl-security@openssl.org | Mariner | CVE-2023-3446 | Unknown |
| cve-coordination@google.com | Mariner | CVE-2023-2976 | Unknown |
| cve@mitre.org | Mariner | CVE-2023-28531 | Unknown |
| cve@kernel.org | Mariner | CVE-2024-36938 | Unknown |
| cve@kernel.org | Mariner | CVE-2024-36897 | Unknown |
| security-advisories@github.com | Mariner | CVE-2024-29041 | Unknown |
| security-advisories@github.com | Mariner | CVE-2024-35176 | Unknown |
| security-advisories@github.com | Mariner | CVE-2024-35195 | Unknown |
| security-advisories@github.com | Mariner | CVE-2024-34069 | Unknown |
| cve@mitre.org | Mariner | CVE-2018-25032 | Unknown |
| cve@mitre.org | Mariner | CVE-2018-18384 | Unknown |
| cve@mitre.org | Mariner | CVE-2018-1000156 | Unknown |
| secalert@redhat.com | Mariner | CVE-2018-10906 | Unknown |
| cve@mitre.org | Mariner | CVE-2018-13410 | Unknown |
| secalert@redhat.com | Mariner | CVE-2018-1129 | Unknown |
| secalert_us@oracle.com | Mariner | CVE-2017-3614 | Unknown |
| secalert_us@oracle.com | Mariner | CVE-2017-3615 | Unknown |
| secalert_us@oracle.com | Mariner | CVE-2017-3617 | Unknown |
| secalert_us@oracle.com | Mariner | CVE-2017-3613 | Unknown |
| secalert_us@oracle.com | Mariner | CVE-2017-3616 | Unknown |
| secalert_us@oracle.com | Mariner | CVE-2017-3611 | Unknown |
| secalert_us@oracle.com | Mariner | CVE-2017-3609 | Unknown |
| cve@mitre.org | Mariner | CVE-2018-6951 | Unknown |
| secalert_us@oracle.com | Mariner | CVE-2017-3607 | Unknown |
| secalert_us@oracle.com | Mariner | CVE-2017-3608 | Unknown |
| cve@mitre.org | Mariner | CVE-2016-9844 | Unknown |
| cve@mitre.org | Mariner | CVE-2017-17969 | Unknown |
| secalert_us@oracle.com | Mariner | CVE-2017-3606 | Unknown |
| secalert_us@oracle.com | Mariner | CVE-2017-3605 | Unknown |
| secalert_us@oracle.com | Mariner | CVE-2017-3604 | Unknown |
| cve@mitre.org | Mariner | CVE-2015-7697 | Unknown |
| cve@mitre.org | Mariner | CVE-2016-2781 | Unknown |
| cve@mitre.org | Mariner | CVE-2016-9296 | Unknown |
| secalert@redhat.com | Mariner | CVE-2013-2094 | Unknown |
| security@php.net | Mariner | CVE-2024-4577 | Unknown |
| secalert@redhat.com | Mariner | CVE-2024-4418 | Unknown |
| cna@postgresql.org | Mariner | CVE-2024-4317 | Unknown |
| secalert_us@oracle.com | Mariner | CVE-2017-3610 | Unknown |
| security-advisories@github.com | Mariner | CVE-2023-25660 | Unknown |
| securities@openeuler.org | Mariner | CVE-2021-33643 | Unknown |
| security-advisories@github.com | Mariner | CVE-2023-25662 | Unknown |
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | Mariner | CVE-2024-26881 | Unknown |
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | Mariner | CVE-2024-26885 | Unknown |
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | Mariner | CVE-2024-26882 | Unknown |
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | Mariner | CVE-2024-26884 | Unknown |
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | Mariner | CVE-2024-26883 | Unknown |
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | Mariner | CVE-2024-26898 | Unknown |
| cve@mitre.org | Mariner | CVE-2024-25580 | Unknown |
| security-advisories@github.com | Mariner | CVE-2024-21646 | Unknown |
| support@hackerone.com | Mariner | CVE-2024-21890 | Unknown |
| support@hackerone.com | Mariner | CVE-2024-21896 | Unknown |
| support@hackerone.com | Mariner | CVE-2024-21891 | Unknown |
| security@google.com | Mariner | CVE-2023-6932 | Unknown |
| secalert@redhat.com | Mariner | CVE-2023-6915 | Unknown |
| secalert@redhat.com | Mariner | CVE-2024-0690 | Unknown |
| secalert@redhat.com | Mariner | CVE-2024-0567 | Unknown |
| secalert@redhat.com | Mariner | CVE-2024-0553 | Unknown |
| openssl-security@openssl.org | Mariner | CVE-2024-0727 | Unknown |
| secalert@redhat.com | Mariner | CVE-2024-0607 | Unknown |
| cve@mitre.org | Mariner | CVE-2023-52429 | Unknown |
| cve@mitre.org | Mariner | CVE-2023-52425 | Unknown |
| secalert@redhat.com | Mariner | CVE-2023-5992 | Unknown |
| secalert@redhat.com | Mariner | CVE-2023-5764 | Unknown |
| cve@mitre.org | Mariner | CVE-2023-52426 | Unknown |
| security-officer@isc.org | Mariner | CVE-2023-5679 | Unknown |
| security-officer@isc.org | Mariner | CVE-2023-5517 | Unknown |
| openssl-security@openssl.org | Mariner | CVE-2023-5678 | Unknown |
| secalert@redhat.com | Mariner | CVE-2023-5408 | Unknown |
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | Mariner | CVE-2024-26907 | Unknown |
| security@kubernetes.io | Mariner | CVE-2023-5528 | Unknown |
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | Mariner | CVE-2024-26908 | Unknown |
| security-advisories@github.com | Mariner | CVE-2024-27308 | Unknown |
| cve@mitre.org | Mariner | CVE-2024-33874 | Unknown |
| cve@mitre.org | Mariner | CVE-2024-33877 | Unknown |
| cve@mitre.org | Mariner | CVE-2024-33873 | Unknown |
| cve@mitre.org | Mariner | CVE-2024-33875 | Unknown |
| cve@mitre.org | Mariner | CVE-2024-32623 | Unknown |
| cve@mitre.org | Mariner | CVE-2024-32621 | Unknown |
| cve@mitre.org | Mariner | CVE-2024-32622 | Unknown |
| cve@mitre.org | Mariner | CVE-2024-32616 | Unknown |
| cve@mitre.org | Mariner | CVE-2024-32619 | Unknown |
| cve@mitre.org | Mariner | CVE-2024-32620 | Unknown |
| cve@mitre.org | Mariner | CVE-2024-32618 | Unknown |
| cve@mitre.org | Mariner | CVE-2024-32615 | Unknown |
| cve@mitre.org | Mariner | CVE-2024-32605 | Unknown |
| cve@mitre.org | Mariner | CVE-2024-32607 | Unknown |
| cve@mitre.org | Mariner | CVE-2024-32487 | Unknown |
| cve@mitre.org | Mariner | CVE-2024-30203 | Unknown |
| cve@mitre.org | Mariner | CVE-2024-30202 | Unknown |
| cve@mitre.org | Mariner | CVE-2024-29162 | Unknown |
| cve@mitre.org | Mariner | CVE-2024-29164 | Unknown |
| security-advisories@github.com | Mariner | CVE-2023-25659 | Unknown |
| cve@mitre.org | Mariner | CVE-2024-29161 | Unknown |
| cve@mitre.org | Mariner | CVE-2024-28757 | Unknown |
| cve@mitre.org | Mariner | CVE-2024-29157 | Unknown |
| security-advisories@github.com | Mariner | CVE-2024-28863 | Unknown |
| security-advisories@github.com | Mariner | CVE-2024-28182 | Unknown |
| security@php.net | Mariner | CVE-2024-2757 | Unknown |
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | Mariner | CVE-2024-27391 | Unknown |
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | Mariner | CVE-2024-26909 | Unknown |
| secalert@redhat.com | Mariner | CVE-2023-5215 | Unknown |
| cve@mitre.org | Mariner | CVE-2024-29163 | Unknown |
| cve@mitre.org | Mariner | CVE-2023-46753 | Unknown |
| secalert@redhat.com | Mariner | CVE-2023-3750 | Unknown |
| security-advisories@github.com | Mariner | CVE-2023-37920 | Unknown |
| cve@mitre.org | Mariner | CVE-2023-31975 | Unknown |
| support@hackerone.com | Mariner | CVE-2023-28321 | Unknown |
| support@hackerone.com | Mariner | CVE-2023-28322 | Unknown |
| support@hackerone.com | Mariner | CVE-2023-27537 | Unknown |
| support@hackerone.com | Mariner | CVE-2023-27538 | Unknown |
| cve@mitre.org | Mariner | CVE-2023-26964 | Unknown |
| security-advisories@github.com | Mariner | CVE-2023-27478 | Unknown |
| security-advisories@github.com | Mariner | CVE-2023-25674 | Unknown |
| security-advisories@github.com | Mariner | CVE-2023-25673 | Unknown |
| security-advisories@github.com | Mariner | CVE-2023-25676 | Unknown |
| security-advisories@github.com | Mariner | CVE-2023-25675 | Unknown |
| security-advisories@github.com | Mariner | CVE-2023-25672 | Unknown |
| security-advisories@github.com | Mariner | CVE-2023-25667 | Unknown |
| security-advisories@github.com | Mariner | CVE-2023-25665 | Unknown |
| security-advisories@github.com | Mariner | CVE-2023-25666 | Unknown |
| security-advisories@github.com | Mariner | CVE-2023-25664 | Unknown |
| security-advisories@github.com | Mariner | CVE-2023-25669 | Unknown |
| security-advisories@github.com | Mariner | CVE-2023-25670 | Unknown |
| security-advisories@github.com | Mariner | CVE-2023-25658 | Unknown |
| cve@mitre.org | Mariner | CVE-2023-25012 | Unknown |
| cve-assignments@hackerone.com | Mariner | CVE-2023-23916 | Unknown |
| security-advisories@github.com | Mariner | CVE-2023-25153 | Unknown |
| security-advisories@github.com | Mariner | CVE-2023-23931 | Unknown |
| cve-coordination@google.com | Mariner | CVE-2023-4785 | Unknown |
| security-advisories@github.com | Mariner | CVE-2023-25668 | Unknown |
| security-advisories@github.com | Mariner | CVE-2023-37460 | Unknown |
| cve@mitre.org | Mariner | CVE-2023-34411 | Unknown |
| secalert@redhat.com | Mariner | CVE-2023-2700 | Unknown |
| openssl-security@openssl.org | Mariner | CVE-2023-3817 | Unknown |
| cve@mitre.org | Mariner | CVE-2023-46813 | Unknown |
| cve@mitre.org | Mariner | CVE-2023-46852 | Unknown |
| cve@mitre.org | Mariner | CVE-2023-45853 | Unknown |
| secalert@redhat.com | Mariner | CVE-2023-4535 | Unknown |
| infosec@edk2.groups.io | Mariner | CVE-2023-45234 | Unknown |
| cve@mitre.org | Mariner | CVE-2023-36328 | Unknown |
| infosec@edk2.groups.io | Mariner | CVE-2023-45236 | Unknown |
| security-advisories@github.com | Mariner | CVE-2023-46118 | Unknown |
| infosec@edk2.groups.io | Mariner | CVE-2023-45235 | Unknown |
| secalert@redhat.com | Mariner | CVE-2023-4692 | Unknown |
| infosec@edk2.groups.io | Mariner | CVE-2023-45233 | Unknown |
| infosec@edk2.groups.io | Mariner | CVE-2023-45229 | Unknown |
| infosec@edk2.groups.io | Mariner | CVE-2023-45231 | Unknown |
| security-officer@isc.org | Mariner | CVE-2023-4408 | Unknown |
| infosec@edk2.groups.io | Mariner | CVE-2023-45237 | Unknown |
| infosec@edk2.groups.io | Mariner | CVE-2023-45232 | Unknown |
| security-advisories@github.com | Mariner | CVE-2023-45142 | Unknown |
| cve@mitre.org | Mariner | CVE-2023-42282 | Unknown |
| cve@mitre.org | Mariner | CVE-2023-46853 | Unknown |
| cve@mitre.org | Mariner | CVE-2023-41913 | Unknown |
| cve@mitre.org | Mariner | CVE-2023-41361 | Unknown |
| security@golang.org | Mariner | CVE-2023-39325 | Unknown |
| cve@mitre.org | Mariner | CVE-2023-38325 | Unknown |
| cve@mitre.org | Mariner | CVE-2023-38710 | Unknown |
| cve@mitre.org | Mariner | CVE-2023-38711 | Unknown |
| infosec@edk2.groups.io | Mariner | CVE-2023-45230 | Unknown |
| support@hackerone.com | Mariner | CVE-2023-38546 | Unknown |
| cve@mitre.org | Mariner | CVE-2023-38712 | Unknown |
| Microsoft | Microsoft Dataverse | CVE-2024-35260 | Microsoft Dataverse Remote Code Execution Vulnerability |
| Microsoft | Microsoft Dynamics | CVE-2024-35263 | Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability |
| Chrome | Microsoft Edge (Chromium-based) | CVE-2024-5495 | Chromium: CVE-2024-5495 Use after free in Dawn |
| Chrome | Microsoft Edge (Chromium-based) | CVE-2024-6103 | Chromium: CVE-2024-6103: Use after free in Dawn |
| Chrome | Microsoft Edge (Chromium-based) | CVE-2024-5497 | Chromium: CVE-2024-5497 Out of bounds memory access in Keyboard Inputs |
| Chrome | Microsoft Edge (Chromium-based) | CVE-2024-5494 | Chromium: CVE-2024-5494 Use after free in Dawn |
| Chrome | Microsoft Edge (Chromium-based) | CVE-2024-5499 | Chromium: CVE-2024-5499 Out of bounds write in Streams API |
| Chrome | Microsoft Edge (Chromium-based) | CVE-2024-5496 | Chromium: CVE-2024-5496 Use after free in Media Session |
| Chrome | Microsoft Edge (Chromium-based) | CVE-2024-6102 | Chromium: CVE-2024-6102: Out of bounds memory access in Dawn |
| Chrome | Microsoft Edge (Chromium-based) | CVE-2024-6101 | Chromium: CVE-2024-6101: Inappropriate implementation in WebAssembly |
| Chrome | Microsoft Edge (Chromium-based) | CVE-2024-6291 | Chromium: CVE-2024-6291 Use after free in Swiftshader |
| Microsoft | Microsoft Edge (Chromium-based) | CVE-2024-38093 | Microsoft Edge (Chromium-based) Spoofing Vulnerability |
| Microsoft | Microsoft Edge (Chromium-based) | CVE-2024-38082 | Microsoft Edge (Chromium-based) Spoofing Vulnerability |
| Microsoft | Microsoft Edge (Chromium-based) | CVE-2024-30058 | Microsoft Edge (Chromium-based) Spoofing Vulnerability |
| Chrome | Microsoft Edge (Chromium-based) | CVE-2024-6290 | Chromium: CVE-2024-6290 Use after free in Dawn |
| Chrome | Microsoft Edge (Chromium-based) | CVE-2024-6293 | Chromium: CVE-2024-6293 Use after free in Dawn |
| Chrome | Microsoft Edge (Chromium-based) | CVE-2024-6292 | Chromium: CVE-2024-6292 Use after free in Dawn |
| Adobe | Microsoft Edge (Chromium-based) | CVE-2024-34122 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability |
| Chrome | Microsoft Edge (Chromium-based) | CVE-2024-5846 | Chromium: CVE-2024-5846 Use after free in PDFium |
| Chrome | Microsoft Edge (Chromium-based) | CVE-2024-5498 | Chromium: CVE-2024-5498 Use after free in Presentation API |
| Chrome | Microsoft Edge (Chromium-based) | CVE-2024-5847 | Chromium: CVE-2024-5847 Use after free in PDFium |
| Chrome | Microsoft Edge (Chromium-based) | CVE-2024-6100 | Chromium: CVE-2024-6100 Type Confusion in V8 |
| Chrome | Microsoft Edge (Chromium-based) | CVE-2024-5493 | Chromium: CVE-2024-5493 Heap buffer overflow in WebRTC |
| Microsoft | Microsoft Edge (Chromium-based) | CVE-2024-38083 | Microsoft Edge (Chromium-based) Spoofing Vulnerability |
| Chrome | Microsoft Edge (Chromium-based) | CVE-2024-5832 | Chromium: CVE-2024-5832 Use after free in Dawn |
| Chrome | Microsoft Edge (Chromium-based) | CVE-2024-5831 | Chromium: CVE-2024-5831 Use after free in Dawn |
| Chrome | Microsoft Edge (Chromium-based) | CVE-2024-5836 | Chromium: CVE-2024-5836 Inappropriate Implementation in DevTools |
| Chrome | Microsoft Edge (Chromium-based) | CVE-2024-5839 | Chromium: CVE-2024-5839 Inappropriate Implementation in Memory Allocator |
| Chrome | Microsoft Edge (Chromium-based) | CVE-2024-5833 | Chromium: CVE-2024-5833 Type Confusion in V8 |
| Chrome | Microsoft Edge (Chromium-based) | CVE-2024-5844 | Chromium: CVE-2024-5844 Heap buffer overflow in Tab Strip |
| Chrome | Microsoft Edge (Chromium-based) | CVE-2024-5840 | Chromium: CVE-2024-5840 Policy Bypass in CORS |
| Chrome | Microsoft Edge (Chromium-based) | CVE-2024-5843 | Chromium: CVE-2024-5843 Inappropriate implementation in Downloads |
| Chrome | Microsoft Edge (Chromium-based) | CVE-2024-5830 | Chromium: CVE-2024-5830 Type Confusion in V8 |
| Chrome | Microsoft Edge (Chromium-based) | CVE-2024-5837 | Chromium: CVE-2024-5837 Type Confusion in V8 |
| Chrome | Microsoft Edge (Chromium-based) | CVE-2024-5834 | Chromium: CVE-2024-5834 Inappropriate implementation in Dawn |
| Chrome | Microsoft Edge (Chromium-based) | CVE-2024-5838 | Chromium: CVE-2024-5838 Type Confusion in V8 |
| Chrome | Microsoft Edge (Chromium-based) | CVE-2024-5835 | Chromium: CVE-2024-5835 Heap buffer overflow in Tab Groups |
| Chrome | Microsoft Edge (Chromium-based) | CVE-2024-5841 | Chromium: CVE-2024-5841 Use after free in V8 |
| Chrome | Microsoft Edge (Chromium-based) | CVE-2024-5845 | Chromium: CVE-2024-5845 Use after free in Audio |
| Chrome | Microsoft Edge (Chromium-based) | CVE-2024-5842 | Chromium: CVE-2024-5842 Use after free in Browser UI |
| Microsoft | Microsoft Edge for iOS | CVE-2024-30057 | Microsoft Edge for iOS Spoofing Vulnerability |
| Microsoft | Microsoft Office | CVE-2024-30101 | Microsoft Office Remote Code Execution Vulnerability |
| Microsoft | Microsoft Office | CVE-2024-30104 | Microsoft Office Remote Code Execution Vulnerability |
| Microsoft | Microsoft Office Outlook | CVE-2024-30103 | Microsoft Outlook Remote Code Execution Vulnerability |
| Microsoft | Microsoft Office SharePoint | CVE-2024-30100 | Microsoft SharePoint Server Remote Code Execution Vulnerability |
| Microsoft | Microsoft Office Word | CVE-2024-30102 | Microsoft Office Remote Code Execution Vulnerability |
| Microsoft | Microsoft Streaming Service | CVE-2024-30090 | Microsoft Streaming Service Elevation of Privilege Vulnerability |
| Microsoft | Microsoft Streaming Service | CVE-2024-30089 | Microsoft Streaming Service Elevation of Privilege Vulnerability |
| Microsoft | Microsoft WDAC OLE DB provider for SQL | CVE-2024-30077 | Windows OLE Remote Code Execution Vulnerability |
| MITRE Corporation | Microsoft Windows | CVE-2023-50868 | MITRE: CVE-2023-50868 NSEC3 closest encloser proof can exhaust CPU |
| Microsoft | Microsoft Windows Speech | CVE-2024-30097 | Microsoft Speech Application Programming Interface (SAPI) Remote Code Execution Vulnerability |
| HackerOne | Open Source Software | CVE-2022-43552 | Open Source Curl Remote Code Execution Vulnerability |
| Microsoft | Visual Studio | CVE-2024-29060 | Visual Studio Elevation of Privilege Vulnerability |
| GitHub | Visual Studio | CVE-2024-29187 | GitHub: CVE-2024-29187 WiX Burn-based bundles are vulnerable to binary hijack when run as SYSTEM |
| Microsoft | Visual Studio | CVE-2024-30052 | Visual Studio Remote Code Execution Vulnerability |
| Microsoft | Windows Cloud Files Mini Filter Driver | CVE-2024-30085 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability |
| Microsoft | Windows Container Manager Service | CVE-2024-30076 | Windows Container Manager Service Elevation of Privilege Vulnerability |
| Microsoft | Windows Cryptographic Services | CVE-2024-30096 | Windows Cryptographic Services Information Disclosure Vulnerability |
| Microsoft | Windows DHCP Server | CVE-2024-30070 | DHCP Server Service Denial of Service Vulnerability |
| Microsoft | Windows Distributed File System (DFS) | CVE-2024-30063 | Windows Distributed File System (DFS) Remote Code Execution Vulnerability |
| Microsoft | Windows Event Logging Service | CVE-2024-30072 | Microsoft Event Trace Log File Parsing Remote Code Execution Vulnerability |
| Microsoft | Windows Kernel | CVE-2024-30064 | Windows Kernel Elevation of Privilege Vulnerability |
| Microsoft | Windows Kernel | CVE-2024-30068 | Windows Kernel Elevation of Privilege Vulnerability |
| Microsoft | Windows Kernel-Mode Drivers | CVE-2024-30084 | Windows Kernel-Mode Driver Elevation of Privilege Vulnerability |
| Microsoft | Windows Kernel-Mode Drivers | CVE-2024-35250 | Windows Kernel-Mode Driver Elevation of Privilege Vulnerability |
| Microsoft | Windows Link Layer Topology Discovery Protocol | CVE-2024-30074 | Windows Link Layer Topology Discovery Protocol Remote Code Execution Vulnerability |
| Microsoft | Windows Link Layer Topology Discovery Protocol | CVE-2024-30075 | Windows Link Layer Topology Discovery Protocol Remote Code Execution Vulnerability |
| Microsoft | Windows NT OS Kernel | CVE-2024-30088 | Windows Kernel Elevation of Privilege Vulnerability |
| Microsoft | Windows NT OS Kernel | CVE-2024-30099 | Windows Kernel Elevation of Privilege Vulnerability |
| Microsoft | Windows Perception Service | CVE-2024-35265 | Windows Perception Service Elevation of Privilege Vulnerability |
| Microsoft | Windows Remote Access Connection Manager | CVE-2024-30069 | Windows Remote Access Connection Manager Information Disclosure Vulnerability |
| Microsoft | Windows Routing and Remote Access Service (RRAS) | CVE-2024-30095 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability |
| Microsoft | Windows Routing and Remote Access Service (RRAS) | CVE-2024-30094 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability |
| Microsoft | Windows Server Service | CVE-2024-30080 | Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability |
| Microsoft | Windows Server Service | CVE-2024-30062 | Windows Standards-Based Storage Management Service Remote Code Execution Vulnerability |
| Microsoft | Windows Standards-Based Storage Management Service | CVE-2024-30083 | Windows Standards-Based Storage Management Service Denial of Service Vulnerability |
| Microsoft | Windows Storage | CVE-2024-30093 | Windows Storage Elevation of Privilege Vulnerability |
| Microsoft | Windows Themes | CVE-2024-30065 | Windows Themes Denial of Service Vulnerability |
| Microsoft | Windows Wi-Fi Driver | CVE-2024-30078 | Windows Wi-Fi Driver Remote Code Execution Vulnerability |
| Microsoft | Windows Win32 Kernel Subsystem | CVE-2024-30086 | Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability |
| Microsoft | Windows Win32K - GRFX | CVE-2024-30087 | Win32k Elevation of Privilege Vulnerability |
| Microsoft | Windows Win32K - GRFX | CVE-2024-30091 | Win32k Elevation of Privilege Vulnerability |
| Microsoft | Windows Win32K - GRFX | CVE-2024-30082 | Win32k Elevation of Privilege Vulnerability |
| Microsoft | Winlogon | CVE-2024-30067 | Winlogon Elevation of Privilege Vulnerability |
| Microsoft | Winlogon | CVE-2024-30066 | Winlogon Elevation of Privilege Vulnerability |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-1298
MITRE NVD Issuing CNA: infosec@edk2.groups.io |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:6/TemporalScore:6
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/05/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-1298 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| CBL Mariner 2.0 ARM | hvloader (CBL-Mariner) | Unknown | Unknown | None | Base: 6 Temporal: 6 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H |
1.0.1-3 | Unknown | None |
| CBL Mariner 2.0 x64 | hvloader (CBL-Mariner) | Unknown | Unknown | None | Base: 6 Temporal: 6 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H |
1.0.1-3 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-1298 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-36897
MITRE NVD Issuing CNA: cve@kernel.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5.5/TemporalScore:5.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/11/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-36897 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| CBL Mariner 2.0 ARM | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
5.15.158.2-1 | Unknown | None |
| CBL Mariner 2.0 x64 | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
5.15.158.2-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-36897 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-36938
MITRE NVD Issuing CNA: cve@kernel.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5.5/TemporalScore:5.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/11/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-36938 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| CBL Mariner 2.0 ARM | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
5.15.158.2-1 | Unknown | None |
| CBL Mariner 2.0 x64 | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
5.15.158.2-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-36938 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-28531
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:9.8/TemporalScore:9.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    03/24/2023     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-28531 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| CBL Mariner 1.0 ARM | openssh (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
8.9p1-2 | Unknown | None |
| CBL Mariner 1.0 x64 | openssh (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
8.9p1-2 | Unknown | None |
| CBL Mariner 2.0 ARM | openssh (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
8.9p1-5 | Unknown | None |
| CBL Mariner 2.0 x64 | openssh (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
8.9p1-5 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-28531 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-2976
MITRE NVD Issuing CNA: cve-coordination@google.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.1/TemporalScore:7.1
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-2976 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| CBL Mariner 2.0 ARM | guava (CBL-Mariner) | Unknown | Unknown | None | Base: 7.1 Temporal: 7.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N |
25.0-8 | Unknown | None |
| CBL Mariner 2.0 x64 | guava (CBL-Mariner) | Unknown | Unknown | None | Base: 7.1 Temporal: 7.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N |
25.0-8 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-2976 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-3446
MITRE NVD Issuing CNA: openssl-security@openssl.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5.3/TemporalScore:5.3
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-3446 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| CBL Mariner 2.0 ARM | openssl (CBL-Mariner) | Unknown | Unknown | None | Base: 5.3 Temporal: 5.3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
1.1.1k-28 | Unknown | None |
| CBL Mariner 2.0 x64 | openssl (CBL-Mariner) | Unknown | Unknown | None | Base: 5.3 Temporal: 5.3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
1.1.1k-28 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-3446 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2023-52890
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: None Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-52890 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| CBL Mariner 2.0 ARM | ntfs-3g (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
2022.10.3-2 | Unknown | None |
| CBL Mariner 2.0 x64 | ntfs-3g (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
2022.10.3-2 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-52890 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-43040
MITRE NVD Issuing CNA: psirt@us.ibm.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:6.5/TemporalScore:6.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    05/14/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-43040 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| CBL Mariner 2.0 ARM | ceph (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:L |
16.2.10-4 | Unknown | None |
| CBL Mariner 2.0 x64 | ceph (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:L |
16.2.10-4 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-43040 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-50229
MITRE NVD Issuing CNA: zdi-disclosures@trendmicro.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.1/TemporalScore:7.1
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    05/03/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-50229 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | bluez (CBL-Mariner) | Unknown | Unknown | None | Base: 7.1 Temporal: 7.1 Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.63-5 | Unknown | None |
| Azure Linux 3.0 x64 | bluez (CBL-Mariner) | Unknown | Unknown | None | Base: 7.1 Temporal: 7.1 Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.63-5 | Unknown | None |
| CBL Mariner 2.0 ARM | bluez (CBL-Mariner) | Unknown | Unknown | None | Base: 7.1 Temporal: 7.1 Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.63-6 | Unknown | None |
| CBL Mariner 2.0 x64 | bluez (CBL-Mariner) | Unknown | Unknown | None | Base: 7.1 Temporal: 7.1 Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.63-6 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-50229 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-1013
MITRE NVD Issuing CNA: secalert@redhat.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.1/TemporalScore:7.1
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-1013 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | unixODBC (CBL-Mariner) | Unknown | Unknown | None | Base: 7.1 Temporal: 7.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H |
2.3.12-2 | Unknown | None |
| Azure Linux 3.0 x64 | unixODBC (CBL-Mariner) | Unknown | Unknown | None | Base: 7.1 Temporal: 7.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H |
2.3.12-2 | Unknown | None |
| CBL Mariner 2.0 ARM | unixODBC (CBL-Mariner) | Unknown | Unknown | None | Base: 7.1 Temporal: 7.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H |
2.3.9-3 | Unknown | None |
| CBL Mariner 2.0 x64 | unixODBC (CBL-Mariner) | Unknown | Unknown | None | Base: 7.1 Temporal: 7.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H |
2.3.9-3 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-1013 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-0450
MITRE NVD Issuing CNA: cna@python.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:6.2/TemporalScore:6.2
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-0450 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| CBL Mariner 2.0 ARM | python3 (CBL-Mariner) | Unknown | Unknown | None | Base: 6.2 Temporal: 6.2 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.9.19-1 | Unknown | None |
| CBL Mariner 2.0 x64 | python3 (CBL-Mariner) | Unknown | Unknown | None | Base: 6.2 Temporal: 6.2 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.9.19-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-0450 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-1441
MITRE NVD Issuing CNA: secalert@redhat.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5.5/TemporalScore:5.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-1441 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| CBL Mariner 2.0 ARM | libvirt (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
7.10.0-8 | Unknown | None |
| CBL Mariner 2.0 x64 | libvirt (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
7.10.0-8 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-1441 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-0874
MITRE NVD Issuing CNA: secalert@redhat.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5.3/TemporalScore:5.3
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    05/03/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-0874 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| CBL Mariner 2.0 ARM | coredns (CBL-Mariner) | Unknown | Unknown | None | Base: 5.3 Temporal: 5.3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N |
1.11.1-8 | Unknown | None |
| CBL Mariner 2.0 x64 | coredns (CBL-Mariner) | Unknown | Unknown | None | Base: 5.3 Temporal: 5.3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N |
1.11.1-8 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-0874 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-21885
MITRE NVD Issuing CNA: secalert@redhat.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:7.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-21885 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| CBL Mariner 2.0 ARM | xorg-x11-server (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.20.10-10 | Unknown | None |
| CBL Mariner 2.0 x64 | xorg-x11-server (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.20.10-10 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-21885 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-22017
MITRE NVD Issuing CNA: support@hackerone.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.3/TemporalScore:7.3
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    03/19/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-22017 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | libuv (CBL-Mariner) nodejs (CBL-Mariner) |
Unknown | Unknown | Base: 7.3 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:H/A:L |
1.48.0-1 20.14.0-1 |
None | ||
| Azure Linux 3.0 x64 | libuv (CBL-Mariner) nodejs (CBL-Mariner) |
Unknown | Unknown | Base: 7.3 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:H/A:L |
1.48.0-1 20.14.0-1 |
None | ||
| CBL Mariner 2.0 ARM | nodejs18 (CBL-Mariner) | Unknown | Unknown | None | Base: 7.3 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:H/A:L |
18.20.2-1 | Unknown | None |
| CBL Mariner 2.0 x64 | nodejs18 (CBL-Mariner) | Unknown | Unknown | None | Base: 7.3 Temporal: 7.3 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:H/A:L |
18.20.2-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-22017 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-22019
MITRE NVD Issuing CNA: support@hackerone.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    02/26/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-22019 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | nodejs (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
20.14.0-1 | Unknown | None |
| Azure Linux 3.0 x64 | nodejs (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
20.14.0-1 | Unknown | None |
| CBL Mariner 2.0 ARM | nodejs18 (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
18.20.2-1 | Unknown | None |
| CBL Mariner 2.0 x64 | nodejs18 (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
18.20.2-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-22019 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-21892
MITRE NVD Issuing CNA: support@hackerone.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    02/26/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-21892 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | nodejs (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N |
20.14.0-1 | Unknown | None |
| Azure Linux 3.0 x64 | nodejs (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N |
20.14.0-1 | Unknown | None |
| CBL Mariner 2.0 ARM | nodejs18 (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N |
18.20.2-1 | Unknown | None |
| CBL Mariner 2.0 x64 | nodejs18 (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N |
18.20.2-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-21892 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-2496
MITRE NVD Issuing CNA: secalert@redhat.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5/TemporalScore:5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-2496 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| CBL Mariner 2.0 ARM | libvirt (CBL-Mariner) | Unknown | Unknown | None | Base: 5 Temporal: 5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H |
7.10.0-8 | Unknown | None |
| CBL Mariner 2.0 x64 | libvirt (CBL-Mariner) | Unknown | Unknown | None | Base: 5 Temporal: 5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H |
7.10.0-8 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-2496 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2024-2511
MITRE NVD Issuing CNA: openssl-security@openssl.org |
CVE Title: Unknown
CVSS: None Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    04/15/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-2511 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | nodejs (CBL-Mariner) openssl (CBL-Mariner) |
Unknown | Unknown | Base: N/A Temporal: N/A Vector: N/A |
20.14.0-1 3.3.0-1 |
None | ||
| Azure Linux 3.0 x64 | nodejs (CBL-Mariner) openssl (CBL-Mariner) |
Unknown | Unknown | Base: N/A Temporal: N/A Vector: N/A |
20.14.0-1 3.3.0-1 |
None | ||
| CBL Mariner 2.0 ARM | nodejs18 (CBL-Mariner) openssl (CBL-Mariner) |
Unknown | Unknown | Base: N/A Temporal: N/A Vector: N/A |
18.20.2-1 1.1.1k-30 |
None | ||
| CBL Mariner 2.0 x64 | nodejs18 (CBL-Mariner) openssl (CBL-Mariner) |
Unknown | Unknown | Base: N/A Temporal: N/A Vector: N/A |
18.20.2-1 1.1.1k-30 |
None | ||
| CVE ID | Acknowledgements |
| CVE-2024-2511 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-27319
MITRE NVD Issuing CNA: disclosure@hiddenlayer.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:4.4/TemporalScore:4.4
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    02/26/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-27319 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| CBL Mariner 2.0 ARM | pytorch (CBL-Mariner) | Unknown | Unknown | None | Base: 4.4 Temporal: 4.4 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L |
2.0.0-4 | Unknown | None |
| CBL Mariner 2.0 x64 | pytorch (CBL-Mariner) | Unknown | Unknown | None | Base: 4.4 Temporal: 4.4 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L |
2.0.0-4 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-27319 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-27322
MITRE NVD Issuing CNA: 6f8de1f0-f67e-45a6-b68f-98777fdb759c |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:8.8/TemporalScore:8.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-27322 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| CBL Mariner 2.0 ARM | R (CBL-Mariner) | Unknown | Unknown | None | Base: 8.8 Temporal: 8.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
4.1.0-5 | Unknown | None |
| CBL Mariner 2.0 x64 | R (CBL-Mariner) | Unknown | Unknown | None | Base: 8.8 Temporal: 8.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
4.1.0-5 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-27322 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-2756
MITRE NVD Issuing CNA: security@php.net |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:6.5/TemporalScore:6.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    04/29/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-2756 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| CBL Mariner 2.0 ARM | php (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N |
8.1.28-1 | Unknown | None |
| CBL Mariner 2.0 x64 | php (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N |
8.1.28-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-2756 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-27318
MITRE NVD Issuing CNA: disclosure@hiddenlayer.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    02/26/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-27318 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| CBL Mariner 2.0 ARM | pytorch (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
2.0.0-6 | Unknown | None |
| CBL Mariner 2.0 x64 | pytorch (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
2.0.0-6 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-27318 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-27289
MITRE NVD Issuing CNA: security-advisories@github.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:8.1/TemporalScore:8.1
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    03/11/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-27289 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | telegraf (CBL-Mariner) | Unknown | Unknown | None | Base: 8.1 Temporal: 8.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
1.31.0-1 | Unknown | None |
| Azure Linux 3.0 x64 | telegraf (CBL-Mariner) | Unknown | Unknown | None | Base: 8.1 Temporal: 8.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
1.31.0-1 | Unknown | None |
| CBL Mariner 2.0 ARM | telegraf (CBL-Mariner) | Unknown | Unknown | None | Base: 8.1 Temporal: 8.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
1.29.4-4 | Unknown | None |
| CBL Mariner 2.0 x64 | telegraf (CBL-Mariner) | Unknown | Unknown | None | Base: 8.1 Temporal: 8.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
1.29.4-4 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-27289 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-28849
MITRE NVD Issuing CNA: security-advisories@github.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:6.5/TemporalScore:6.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    03/25/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-28849 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| CBL Mariner 2.0 ARM | reaper (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
3.1.1-9 | Unknown | None |
| CBL Mariner 2.0 x64 | reaper (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
3.1.1-9 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-28849 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-30260
MITRE NVD Issuing CNA: security-advisories@github.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:3.9/TemporalScore:3.9
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    04/15/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-30260 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | nodejs (CBL-Mariner) | Unknown | Unknown | None | Base: 3.9 Temporal: 3.9 Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L |
20.14.0-1 | Unknown | None |
| Azure Linux 3.0 x64 | nodejs (CBL-Mariner) | Unknown | Unknown | None | Base: 3.9 Temporal: 3.9 Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L |
20.14.0-1 | Unknown | None |
| CBL Mariner 2.0 ARM | nodejs18 (CBL-Mariner) | Unknown | Unknown | None | Base: 3.9 Temporal: 3.9 Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L |
18.20.2-1 | Unknown | None |
| CBL Mariner 2.0 x64 | nodejs18 (CBL-Mariner) | Unknown | Unknown | None | Base: 3.9 Temporal: 3.9 Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L |
18.20.2-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-30260 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-3096
MITRE NVD Issuing CNA: security@php.net |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:6.5/TemporalScore:6.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    04/29/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-3096 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | php (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N |
8.3.4-1 | Unknown | None |
| Azure Linux 3.0 x64 | php (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N |
8.3.4-1 | Unknown | None |
| CBL Mariner 2.0 ARM | php (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N |
8.1.28-1 | Unknown | None |
| CBL Mariner 2.0 x64 | php (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N |
8.1.28-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-3096 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-30261
MITRE NVD Issuing CNA: security-advisories@github.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:2.6/TemporalScore:2.6
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    04/15/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-30261 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | nodejs (CBL-Mariner) | Unknown | Unknown | None | Base: 2.6 Temporal: 2.6 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:N |
20.14.0-1 | Unknown | None |
| Azure Linux 3.0 x64 | nodejs (CBL-Mariner) | Unknown | Unknown | None | Base: 2.6 Temporal: 2.6 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:N |
20.14.0-1 | Unknown | None |
| CBL Mariner 2.0 ARM | nodejs18 (CBL-Mariner) | Unknown | Unknown | None | Base: 2.6 Temporal: 2.6 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:N |
18.20.2-1 | Unknown | None |
| CBL Mariner 2.0 x64 | nodejs18 (CBL-Mariner) | Unknown | Unknown | None | Base: 2.6 Temporal: 2.6 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:N |
18.20.2-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-30261 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-29041
MITRE NVD Issuing CNA: security-advisories@github.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:6.1/TemporalScore:6.1
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    04/01/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-29041 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| CBL Mariner 2.0 ARM | reaper (CBL-Mariner) | Unknown | Unknown | None | Base: 6.1 Temporal: 6.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
3.1.1-9 | Unknown | None |
| CBL Mariner 2.0 x64 | reaper (CBL-Mariner) | Unknown | Unknown | None | Base: 6.1 Temporal: 6.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
3.1.1-9 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-29041 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-35176
MITRE NVD Issuing CNA: security-advisories@github.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5.3/TemporalScore:5.3
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    05/19/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-35176 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | rubygem-rexml (CBL-Mariner) | Unknown | Unknown | None | Base: 5.3 Temporal: 5.3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
3.2.8-1 | Unknown | None |
| Azure Linux 3.0 x64 | rubygem-rexml (CBL-Mariner) | Unknown | Unknown | None | Base: 5.3 Temporal: 5.3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
3.2.8-1 | Unknown | None |
| CBL Mariner 2.0 ARM | ruby (CBL-Mariner) rubygem-rexml (CBL-Mariner) |
Unknown | Unknown | Base: 5.3 Temporal: 5.3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
3.1.4-6 3.2.7-1 |
None | ||
| CBL Mariner 2.0 x64 | ruby (CBL-Mariner) rubygem-rexml (CBL-Mariner) |
Unknown | Unknown | Base: 5.3 Temporal: 5.3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
3.1.4-6 3.2.7-1 |
None | ||
| CVE ID | Acknowledgements |
| CVE-2024-35176 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-35195
MITRE NVD Issuing CNA: security-advisories@github.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5.6/TemporalScore:5.6
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    05/23/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-35195 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| CBL Mariner 2.0 ARM | python-requests (CBL-Mariner) | Unknown | Unknown | None | Base: 5.6 Temporal: 5.6 Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N |
2.27.1-7 | Unknown | None |
| CBL Mariner 2.0 x64 | python-requests (CBL-Mariner) | Unknown | Unknown | None | Base: 5.6 Temporal: 5.6 Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N |
2.27.1-7 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-35195 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-34069
MITRE NVD Issuing CNA: security-advisories@github.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    05/13/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-34069 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | python-werkzeug (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
3.0.3-1 | Unknown | None |
| Azure Linux 3.0 x64 | python-werkzeug (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
3.0.3-1 | Unknown | None |
| CBL Mariner 2.0 ARM | python-werkzeug (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
2.3.7-2 | Unknown | None |
| CBL Mariner 2.0 x64 | python-werkzeug (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
2.3.7-2 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-34069 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-4317
MITRE NVD Issuing CNA: cna@postgresql.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:3.1/TemporalScore:3.1
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    05/14/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-4317 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | postgresql (CBL-Mariner) | Unknown | Unknown | None | Base: 3.1 Temporal: 3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N |
16.3-1 | Unknown | None |
| Azure Linux 3.0 x64 | postgresql (CBL-Mariner) | Unknown | Unknown | None | Base: 3.1 Temporal: 3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N |
16.3-1 | Unknown | None |
| CBL Mariner 2.0 ARM | postgresql (CBL-Mariner) | Unknown | Unknown | None | Base: 3.1 Temporal: 3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N |
14.12-1 | Unknown | None |
| CBL Mariner 2.0 x64 | postgresql (CBL-Mariner) | Unknown | Unknown | None | Base: 3.1 Temporal: 3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N |
14.12-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-4317 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-4418
MITRE NVD Issuing CNA: secalert@redhat.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:6.2/TemporalScore:6.2
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    05/13/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-4418 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| CBL Mariner 2.0 ARM | libvirt (CBL-Mariner) | Unknown | Unknown | None | Base: 6.2 Temporal: 6.2 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
7.10.0-10 | Unknown | None |
| CBL Mariner 2.0 x64 | libvirt (CBL-Mariner) | Unknown | Unknown | None | Base: 6.2 Temporal: 6.2 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
7.10.0-10 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-4418 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-4577
MITRE NVD Issuing CNA: security@php.net |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:9.8/TemporalScore:9.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-4577 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | php (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
8.3.8-1 | Unknown | None |
| Azure Linux 3.0 x64 | php (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
8.3.8-1 | Unknown | None |
| CBL Mariner 2.0 ARM | php (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
8.1.29-1 | Unknown | None |
| CBL Mariner 2.0 x64 | php (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
8.1.29-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-4577 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2013-2094
MITRE NVD Issuing CNA: secalert@redhat.com |
CVE Title: Unknown
CVSS: None Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    02/16/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2013-2094 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
6.6.22.1-2 | Unknown | None |
| Azure Linux 3.0 x64 | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
6.6.22.1-2 | Unknown | None |
| CBL Mariner 2.0 ARM | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
5.15.153.1-1 | Unknown | None |
| CBL Mariner 2.0 x64 | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
5.15.153.1-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2013-2094 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2016-9296
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    12/16/2021     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2016-9296 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | p7zip (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
16.02-23 | Unknown | None |
| Azure Linux 3.0 x64 | p7zip (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
16.02-23 | Unknown | None |
| CBL Mariner 1.0 ARM | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Unknown | Unknown | None | |
| CBL Mariner 1.0 x64 | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Unknown | Unknown | None | |
| CBL Mariner 2.0 ARM | p7zip (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
16.02-22 | Unknown | None |
| CBL Mariner 2.0 x64 | p7zip (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
16.02-22 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2016-9296 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2016-2781
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:6.5/TemporalScore:6.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    09/25/2020     Information published. 2.0    12/16/2021     Added coreutils to CBL-Mariner 2.0 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2016-2781 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | coreutils (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N |
9.4-1 | Unknown | None |
| Azure Linux 3.0 x64 | coreutils (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N |
9.4-1 | Unknown | None |
| CBL Mariner 1.0 ARM | coreutils (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N |
8.30-7 | Unknown | None |
| CBL Mariner 1.0 x64 | coreutils (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N |
8.30-7 | Unknown | None |
| CBL Mariner 2.0 ARM | coreutils (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N |
8.32-1 | Unknown | None |
| CBL Mariner 2.0 x64 | coreutils (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N |
8.32-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2016-2781 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2015-7697
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: None Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    08/18/2020     Information published. 2.0    12/16/2021     Added unzip to CBL-Mariner 2.0 1.0    06/30/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2015-7697 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | unzip (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
6.0-20 | Unknown | None |
| Azure Linux 3.0 x64 | unzip (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
6.0-20 | Unknown | None |
| CBL Mariner 1.0 ARM | unzip (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
6.0-15 | Unknown | None |
| CBL Mariner 1.0 x64 | unzip (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
6.0-15 | Unknown | None |
| CBL Mariner 2.0 ARM | unzip (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
6.0-19 | Unknown | None |
| CBL Mariner 2.0 x64 | unzip (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
6.0-19 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2015-7697 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2017-3604
MITRE NVD Issuing CNA: secalert_us@oracle.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7/TemporalScore:7
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    07/30/2021     Information published. 2.0    12/16/2021     Added libdb to CBL-Mariner 2.0 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2017-3604 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-7 | Unknown | None |
| Azure Linux 3.0 x64 | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-7 | Unknown | None |
| CBL Mariner 1.0 ARM | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-5 | Unknown | None |
| CBL Mariner 1.0 x64 | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-5 | Unknown | None |
| CBL Mariner 2.0 ARM | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-7 | Unknown | None |
| CBL Mariner 2.0 x64 | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-7 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2017-3604 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2017-3605
MITRE NVD Issuing CNA: secalert_us@oracle.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7/TemporalScore:7
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    07/30/2021     Information published. 2.0    12/16/2021     Added libdb to CBL-Mariner 2.0 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2017-3605 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-7 | Unknown | None |
| Azure Linux 3.0 x64 | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-7 | Unknown | None |
| CBL Mariner 1.0 ARM | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-5 | Unknown | None |
| CBL Mariner 1.0 x64 | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-5 | Unknown | None |
| CBL Mariner 2.0 ARM | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-7 | Unknown | None |
| CBL Mariner 2.0 x64 | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-7 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2017-3605 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2017-3606
MITRE NVD Issuing CNA: secalert_us@oracle.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7/TemporalScore:7
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    07/30/2021     Information published. 2.0    12/16/2021     Added libdb to CBL-Mariner 2.0 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2017-3606 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-7 | Unknown | None |
| Azure Linux 3.0 x64 | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-7 | Unknown | None |
| CBL Mariner 1.0 ARM | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-5 | Unknown | None |
| CBL Mariner 1.0 x64 | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-5 | Unknown | None |
| CBL Mariner 2.0 ARM | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-7 | Unknown | None |
| CBL Mariner 2.0 x64 | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-7 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2017-3606 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2017-17969
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:7.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    12/16/2021     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2017-17969 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | p7zip (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
16.02-23 | Unknown | None |
| Azure Linux 3.0 x64 | p7zip (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
16.02-23 | Unknown | None |
| CBL Mariner 1.0 ARM | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Unknown | Unknown | None | |
| CBL Mariner 1.0 x64 | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Unknown | Unknown | None | |
| CBL Mariner 2.0 ARM | p7zip (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
16.02-22 | Unknown | None |
| CBL Mariner 2.0 x64 | p7zip (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
16.02-22 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2017-17969 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2016-9844
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:4/TemporalScore:4
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    08/18/2020     Information published. 2.0    12/16/2021     Added unzip to CBL-Mariner 2.0 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2016-9844 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | unzip (CBL-Mariner) | Unknown | Unknown | None | Base: 4 Temporal: 4 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
6.0-20 | Unknown | None |
| Azure Linux 3.0 x64 | unzip (CBL-Mariner) | Unknown | Unknown | None | Base: 4 Temporal: 4 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
6.0-20 | Unknown | None |
| CBL Mariner 1.0 ARM | unzip (CBL-Mariner) | Unknown | Unknown | None | Base: 4 Temporal: 4 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
6.0-15 | Unknown | None |
| CBL Mariner 1.0 x64 | unzip (CBL-Mariner) | Unknown | Unknown | None | Base: 4 Temporal: 4 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
6.0-15 | Unknown | None |
| CBL Mariner 2.0 ARM | unzip (CBL-Mariner) | Unknown | Unknown | None | Base: 4 Temporal: 4 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
6.0-19 | Unknown | None |
| CBL Mariner 2.0 x64 | unzip (CBL-Mariner) | Unknown | Unknown | None | Base: 4 Temporal: 4 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
6.0-19 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2016-9844 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2017-3608
MITRE NVD Issuing CNA: secalert_us@oracle.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7/TemporalScore:7
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    07/30/2021     Information published. 2.0    12/16/2021     Added libdb to CBL-Mariner 2.0 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2017-3608 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-7 | Unknown | None |
| Azure Linux 3.0 x64 | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-7 | Unknown | None |
| CBL Mariner 1.0 ARM | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-5 | Unknown | None |
| CBL Mariner 1.0 x64 | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-5 | Unknown | None |
| CBL Mariner 2.0 ARM | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-7 | Unknown | None |
| CBL Mariner 2.0 x64 | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-7 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2017-3608 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2017-3610
MITRE NVD Issuing CNA: secalert_us@oracle.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7/TemporalScore:7
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    07/30/2021     Information published. 2.0    12/16/2021     Added libdb to CBL-Mariner 2.0 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2017-3610 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-7 | Unknown | None |
| Azure Linux 3.0 x64 | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-7 | Unknown | None |
| CBL Mariner 1.0 ARM | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-5 | Unknown | None |
| CBL Mariner 1.0 x64 | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-5 | Unknown | None |
| CBL Mariner 2.0 ARM | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-7 | Unknown | None |
| CBL Mariner 2.0 x64 | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-7 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2017-3610 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2017-3607
MITRE NVD Issuing CNA: secalert_us@oracle.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7/TemporalScore:7
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    07/30/2021     Information published. 2.0    12/16/2021     Added libdb to CBL-Mariner 2.0 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2017-3607 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-7 | Unknown | None |
| Azure Linux 3.0 x64 | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-7 | Unknown | None |
| CBL Mariner 1.0 ARM | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-5 | Unknown | None |
| CBL Mariner 1.0 x64 | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-5 | Unknown | None |
| CBL Mariner 2.0 ARM | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-7 | Unknown | None |
| CBL Mariner 2.0 x64 | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-7 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2017-3607 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2017-3609
MITRE NVD Issuing CNA: secalert_us@oracle.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7/TemporalScore:7
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    07/30/2021     Information published. 2.0    12/16/2021     Added libdb to CBL-Mariner 2.0 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2017-3609 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-7 | Unknown | None |
| Azure Linux 3.0 x64 | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-7 | Unknown | None |
| CBL Mariner 1.0 ARM | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-5 | Unknown | None |
| CBL Mariner 1.0 x64 | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-5 | Unknown | None |
| CBL Mariner 2.0 ARM | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-7 | Unknown | None |
| CBL Mariner 2.0 x64 | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-7 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2017-3609 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2017-3611
MITRE NVD Issuing CNA: secalert_us@oracle.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7/TemporalScore:7
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    07/30/2021     Information published. 2.0    12/16/2021     Added libdb to CBL-Mariner 2.0 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2017-3611 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-7 | Unknown | None |
| Azure Linux 3.0 x64 | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-7 | Unknown | None |
| CBL Mariner 1.0 ARM | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-5 | Unknown | None |
| CBL Mariner 1.0 x64 | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-5 | Unknown | None |
| CBL Mariner 2.0 ARM | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-7 | Unknown | None |
| CBL Mariner 2.0 x64 | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-7 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2017-3611 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2017-3616
MITRE NVD Issuing CNA: secalert_us@oracle.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7/TemporalScore:7
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    07/30/2021     Information published. 2.0    12/16/2021     Added libdb to CBL-Mariner 2.0 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2017-3616 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-7 | Unknown | None |
| Azure Linux 3.0 x64 | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-7 | Unknown | None |
| CBL Mariner 1.0 ARM | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-5 | Unknown | None |
| CBL Mariner 1.0 x64 | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-5 | Unknown | None |
| CBL Mariner 2.0 ARM | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-7 | Unknown | None |
| CBL Mariner 2.0 x64 | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-7 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2017-3616 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2017-3613
MITRE NVD Issuing CNA: secalert_us@oracle.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7/TemporalScore:7
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    07/30/2021     Information published. 2.0    12/16/2021     Added libdb to CBL-Mariner 2.0 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2017-3613 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-7 | Unknown | None |
| Azure Linux 3.0 x64 | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-7 | Unknown | None |
| CBL Mariner 1.0 ARM | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-5 | Unknown | None |
| CBL Mariner 1.0 x64 | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-5 | Unknown | None |
| CBL Mariner 2.0 ARM | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-7 | Unknown | None |
| CBL Mariner 2.0 x64 | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-7 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2017-3613 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2017-3617
MITRE NVD Issuing CNA: secalert_us@oracle.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7/TemporalScore:7
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    07/30/2021     Information published. 2.0    12/16/2021     Added libdb to CBL-Mariner 2.0 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2017-3617 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-7 | Unknown | None |
| Azure Linux 3.0 x64 | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-7 | Unknown | None |
| CBL Mariner 1.0 ARM | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-5 | Unknown | None |
| CBL Mariner 1.0 x64 | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-5 | Unknown | None |
| CBL Mariner 2.0 ARM | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-7 | Unknown | None |
| CBL Mariner 2.0 x64 | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-7 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2017-3617 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2017-3615
MITRE NVD Issuing CNA: secalert_us@oracle.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7/TemporalScore:7
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    07/30/2021     Information published. 2.0    12/16/2021     Added libdb to CBL-Mariner 2.0 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2017-3615 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-7 | Unknown | None |
| Azure Linux 3.0 x64 | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-7 | Unknown | None |
| CBL Mariner 1.0 ARM | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-5 | Unknown | None |
| CBL Mariner 1.0 x64 | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-5 | Unknown | None |
| CBL Mariner 2.0 ARM | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-7 | Unknown | None |
| CBL Mariner 2.0 x64 | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-7 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2017-3615 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2017-3614
MITRE NVD Issuing CNA: secalert_us@oracle.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7/TemporalScore:7
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    07/30/2021     Information published. 2.0    12/16/2021     Added libdb to CBL-Mariner 2.0 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2017-3614 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-7 | Unknown | None |
| Azure Linux 3.0 x64 | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-7 | Unknown | None |
| CBL Mariner 1.0 ARM | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-5 | Unknown | None |
| CBL Mariner 1.0 x64 | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-5 | Unknown | None |
| CBL Mariner 2.0 ARM | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-7 | Unknown | None |
| CBL Mariner 2.0 x64 | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-7 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2017-3614 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2018-1129
MITRE NVD Issuing CNA: secalert@redhat.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:6.5/TemporalScore:6.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2018-1129 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | ceph (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |
18.2.1-1 | Unknown | None |
| Azure Linux 3.0 x64 | ceph (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |
18.2.1-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2018-1129 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2018-13410
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:9.8/TemporalScore:9.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    08/18/2020     Information published. 2.0    12/16/2021     Added zip to CBL-Mariner 2.0 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2018-13410 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | zip (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.0-6 | Unknown | None |
| Azure Linux 3.0 x64 | zip (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.0-6 | Unknown | None |
| CBL Mariner 1.0 ARM | zip (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.0-5 | Unknown | None |
| CBL Mariner 1.0 x64 | zip (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.0-5 | Unknown | None |
| CBL Mariner 2.0 ARM | zip (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.0-5 | Unknown | None |
| CBL Mariner 2.0 x64 | zip (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.0-5 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2018-13410 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2018-10906
MITRE NVD Issuing CNA: secalert@redhat.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:7.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    08/18/2020     Information published. 2.0    12/16/2021     Added fuse to CBL-Mariner 2.0 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2018-10906 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | fuse (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
2.9.7-10 | Unknown | None |
| Azure Linux 3.0 x64 | fuse (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
2.9.7-10 | Unknown | None |
| CBL Mariner 1.0 ARM | fuse (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
2.9.7-7 | Unknown | None |
| CBL Mariner 1.0 x64 | fuse (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
2.9.7-7 | Unknown | None |
| CBL Mariner 2.0 ARM | fuse (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
2.9.7-10 | Unknown | None |
| CBL Mariner 2.0 x64 | fuse (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
2.9.7-10 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2018-10906 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2018-1000156
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:7.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    08/18/2020     Information published. 2.0    12/16/2021     Added patch to CBL-Mariner 2.0 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2018-1000156 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | patch (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
2.7.6-9 | Unknown | None |
| Azure Linux 3.0 x64 | patch (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
2.7.6-9 | Unknown | None |
| CBL Mariner 1.0 ARM | patch (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
2.7.6-7 | Unknown | None |
| CBL Mariner 1.0 x64 | patch (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
2.7.6-7 | Unknown | None |
| CBL Mariner 2.0 ARM | patch (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
2.7.6-7 | Unknown | None |
| CBL Mariner 2.0 x64 | patch (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
2.7.6-7 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2018-1000156 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2018-18384
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5.5/TemporalScore:5.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    08/18/2020     Information published. 2.0    12/16/2021     Added unzip to CBL-Mariner 2.0 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2018-18384 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | unzip (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
6.0-20 | Unknown | None |
| Azure Linux 3.0 x64 | unzip (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
6.0-20 | Unknown | None |
| CBL Mariner 1.0 ARM | unzip (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
6.0-15 | Unknown | None |
| CBL Mariner 1.0 x64 | unzip (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
6.0-15 | Unknown | None |
| CBL Mariner 2.0 ARM | unzip (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
6.0-19 | Unknown | None |
| CBL Mariner 2.0 x64 | unzip (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
6.0-19 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2018-18384 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2018-25032
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    03/31/2022     Information published. 2.0    09/17/2022     Added mariadb to CBL-Mariner 1.0 Added python3 to CBL-Mariner 1.0 3.0    04/17/2023     Added tcl to CBL-Mariner 1.0 4.0    04/18/2023     Added boost to CBL-Mariner 2.0 5.0    04/19/2023     Added nmap to CBL-Mariner 2.0 Added tcl to CBL-Mariner 2.0 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2018-25032 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | cmake (CBL-Mariner) grpc (CBL-Mariner) |
Unknown | Unknown | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.28.2-1 1.62.0-2 |
None | ||
| Azure Linux 3.0 x64 | cmake (CBL-Mariner) grpc (CBL-Mariner) |
Unknown | Unknown | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.28.2-1 1.62.0-2 |
None | ||
| CBL Mariner 1.0 ARM | boost (CBL-Mariner) erlang (CBL-Mariner) mariadb (CBL-Mariner) nmap (CBL-Mariner) |
Unknown | Unknown | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
1.66.0-4 24.2-2 10.3.36-1 7.90-4 |
None | ||
| CBL Mariner 1.0 x64 | boost (CBL-Mariner) erlang (CBL-Mariner) mariadb (CBL-Mariner) nmap (CBL-Mariner) |
Unknown | Unknown | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
1.66.0-4 24.2-2 10.3.36-1 7.90-4 |
None | ||
| CBL Mariner 2.0 ARM | boost (CBL-Mariner) nmap (CBL-Mariner) qt5-qtbase (CBL-Mariner) rust (CBL-Mariner) |
Unknown | Unknown | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
1.76.0-3 7.93-1 5.15.9-1 1.72.0-2 |
None | ||
| CBL Mariner 2.0 x64 | boost (CBL-Mariner) nmap (CBL-Mariner) qt5-qtbase (CBL-Mariner) rust (CBL-Mariner) |
Unknown | Unknown | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
1.76.0-3 7.93-1 5.15.9-1 1.72.0-2 |
None | ||
| CVE ID | Acknowledgements |
| CVE-2018-25032 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2018-5996
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:7.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    12/16/2021     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2018-5996 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | p7zip (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
16.02-23 | Unknown | None |
| Azure Linux 3.0 x64 | p7zip (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
16.02-23 | Unknown | None |
| CBL Mariner 1.0 ARM | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Unknown | Unknown | None | |
| CBL Mariner 1.0 x64 | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Unknown | Unknown | None | |
| CBL Mariner 2.0 ARM | p7zip (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
16.02-22 | Unknown | None |
| CBL Mariner 2.0 x64 | p7zip (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
16.02-22 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2018-5996 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2018-6951
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    08/18/2020     Information published. 2.0    12/16/2021     Added patch to CBL-Mariner 2.0 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2018-6951 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | patch (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
2.7.6-9 | Unknown | None |
| Azure Linux 3.0 x64 | patch (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
2.7.6-9 | Unknown | None |
| CBL Mariner 1.0 ARM | patch (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
2.7.6-7 | Unknown | None |
| CBL Mariner 1.0 x64 | patch (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
2.7.6-7 | Unknown | None |
| CBL Mariner 2.0 ARM | patch (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
2.7.6-7 | Unknown | None |
| CBL Mariner 2.0 x64 | patch (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
2.7.6-7 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2018-6951 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2018-6952
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    08/18/2020     Information published. 2.0    12/16/2021     Added patch to CBL-Mariner 2.0 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2018-6952 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | patch (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
2.7.6-9 | Unknown | None |
| Azure Linux 3.0 x64 | patch (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
2.7.6-9 | Unknown | None |
| CBL Mariner 1.0 ARM | patch (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
2.7.6-7 | Unknown | None |
| CBL Mariner 1.0 x64 | patch (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
2.7.6-7 | Unknown | None |
| CBL Mariner 2.0 ARM | patch (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
2.7.6-7 | Unknown | None |
| CBL Mariner 2.0 x64 | patch (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
2.7.6-7 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2018-6952 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2019-11835
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:9.8/TemporalScore:9.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2019-11835 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | libglvnd (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
1.7.0-2 | Unknown | None |
| Azure Linux 3.0 x64 | libglvnd (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
1.7.0-2 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2019-11835 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2019-13232
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:3.3/TemporalScore:3.3
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    08/18/2020     Information published. 2.0    12/16/2021     Added unzip to CBL-Mariner 2.0 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2019-13232 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | unzip (CBL-Mariner) | Unknown | Unknown | None | Base: 3.3 Temporal: 3.3 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L |
6.0-20 | Unknown | None |
| Azure Linux 3.0 x64 | unzip (CBL-Mariner) | Unknown | Unknown | None | Base: 3.3 Temporal: 3.3 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L |
6.0-20 | Unknown | None |
| CBL Mariner 1.0 ARM | unzip (CBL-Mariner) | Unknown | Unknown | None | Base: 3.3 Temporal: 3.3 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L |
6.0-18 | Unknown | None |
| CBL Mariner 1.0 x64 | unzip (CBL-Mariner) | Unknown | Unknown | None | Base: 3.3 Temporal: 3.3 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L |
6.0-18 | Unknown | None |
| CBL Mariner 2.0 ARM | unzip (CBL-Mariner) | Unknown | Unknown | None | Base: 3.3 Temporal: 3.3 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L |
6.0-19 | Unknown | None |
| CBL Mariner 2.0 x64 | unzip (CBL-Mariner) | Unknown | Unknown | None | Base: 3.3 Temporal: 3.3 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L |
6.0-19 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2019-13232 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2019-11834
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:9.8/TemporalScore:9.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2019-11834 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | libglvnd (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
1.7.0-2 | Unknown | None |
| Azure Linux 3.0 x64 | libglvnd (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
1.7.0-2 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2019-11834 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2019-19391
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:9.1/TemporalScore:9.1
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2019-19391 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | sysbench (CBL-Mariner) | Unknown | Unknown | None | Base: 9.1 Temporal: 9.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N |
1.0.20-3 | Unknown | None |
| Azure Linux 3.0 x64 | sysbench (CBL-Mariner) | Unknown | Unknown | None | Base: 9.1 Temporal: 9.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N |
1.0.20-3 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2019-19391 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2019-16168
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:6.5/TemporalScore:6.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2019-16168 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | ceph (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
18.2.1-1 | Unknown | None |
| Azure Linux 3.0 x64 | ceph (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
18.2.1-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2019-16168 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2019-6293
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5.5/TemporalScore:5.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    08/18/2020     Information published. 2.0    12/16/2021     Added flex to CBL-Mariner 2.0 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2019-6293 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | flex (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
2.6.4-7 | Unknown | None |
| Azure Linux 3.0 x64 | flex (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
2.6.4-7 | Unknown | None |
| CBL Mariner 1.0 ARM | flex (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
2.6.4-6 | Unknown | None |
| CBL Mariner 1.0 x64 | flex (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
2.6.4-6 | Unknown | None |
| CBL Mariner 2.0 ARM | flex (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
2.6.4-7 | Unknown | None |
| CBL Mariner 2.0 x64 | flex (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
2.6.4-7 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2019-6293 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2019-6470
MITRE NVD Issuing CNA: security-officer@isc.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    09/25/2020     Information published. 2.0    12/16/2021     Added bind to CBL-Mariner 2.0 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2019-6470 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | bind (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
9.16.44-2 | Unknown | None |
| Azure Linux 3.0 x64 | bind (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
9.16.44-2 | Unknown | None |
| CBL Mariner 1.0 ARM | bind (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
9.16.15-1 | Unknown | None |
| CBL Mariner 1.0 x64 | bind (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
9.16.15-1 | Unknown | None |
| CBL Mariner 2.0 ARM | bind (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
9.16.15-3 | Unknown | None |
| CBL Mariner 2.0 x64 | bind (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
9.16.15-3 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2019-6470 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2019-3016
MITRE NVD Issuing CNA: secalert_us@oracle.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:4.7/TemporalScore:4.7
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    09/25/2020     Information published. 2.0    12/16/2021     Added kernel to CBL-Mariner 2.0 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2019-3016 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: 4.7 Temporal: 4.7 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N |
6.6.29.1-4 | Unknown | None |
| Azure Linux 3.0 x64 | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: 4.7 Temporal: 4.7 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N |
6.6.29.1-4 | Unknown | None |
| CBL Mariner 1.0 ARM | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: 4.7 Temporal: 4.7 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N |
5.10.60.1-1 | Unknown | None |
| CBL Mariner 1.0 x64 | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: 4.7 Temporal: 4.7 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N |
5.10.60.1-1 | Unknown | None |
| CBL Mariner 2.0 ARM | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: 4.7 Temporal: 4.7 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N |
5.10.78.1-1 | Unknown | None |
| CBL Mariner 2.0 x64 | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: 4.7 Temporal: 4.7 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N |
5.10.78.1-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2019-3016 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2019-2708
MITRE NVD Issuing CNA: secalert_us@oracle.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:3.3/TemporalScore:3.3
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    07/30/2021     Information published. 2.0    12/16/2021     Added libdb to CBL-Mariner 2.0 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2019-2708 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 3.3 Temporal: 3.3 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L |
5.3.28-7 | Unknown | None |
| Azure Linux 3.0 x64 | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 3.3 Temporal: 3.3 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L |
5.3.28-7 | Unknown | None |
| CBL Mariner 1.0 ARM | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 3.3 Temporal: 3.3 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L |
5.3.28-6 | Unknown | None |
| CBL Mariner 1.0 x64 | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 3.3 Temporal: 3.3 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L |
5.3.28-6 | Unknown | None |
| CBL Mariner 2.0 ARM | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 3.3 Temporal: 3.3 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L |
5.3.28-7 | Unknown | None |
| CBL Mariner 2.0 x64 | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 3.3 Temporal: 3.3 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L |
5.3.28-7 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2019-2708 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2020-13434
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5.5/TemporalScore:5.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2020-13434 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | ceph (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
18.2.1-1 | Unknown | None |
| Azure Linux 3.0 x64 | ceph (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
18.2.1-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2020-13434 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2020-13435
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5.5/TemporalScore:5.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2020-13435 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | ceph (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
18.2.1-1 | Unknown | None |
| Azure Linux 3.0 x64 | ceph (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
18.2.1-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2020-13435 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2020-22217
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5.9/TemporalScore:5.9
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    09/04/2023     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2020-22217 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | grpc (CBL-Mariner) | Unknown | Unknown | None | Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |
1.62.0-2 | Unknown | None |
| Azure Linux 3.0 x64 | grpc (CBL-Mariner) | Unknown | Unknown | None | Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |
1.62.0-2 | Unknown | None |
| CBL Mariner 2.0 ARM | python-gevent (CBL-Mariner) | Unknown | Unknown | None | Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |
21.1.2-1 | Unknown | None |
| CBL Mariner 2.0 x64 | python-gevent (CBL-Mariner) | Unknown | Unknown | None | Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |
21.1.2-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2020-22217 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2020-27304
MITRE NVD Issuing CNA: vuln@vdoo.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:9.8/TemporalScore:9.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2020-27304 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | ceph (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
18.2.1-1 | Unknown | None |
| Azure Linux 3.0 x64 | ceph (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
18.2.1-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2020-27304 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2020-8554
MITRE NVD Issuing CNA: security@kubernetes.io |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5/TemporalScore:5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    11/01/2023     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2020-8554 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | kubernetes (CBL-Mariner) | Unknown | Unknown | None | Base: 5 Temporal: 5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L |
1.28.3-2 | Unknown | None |
| Azure Linux 3.0 x64 | kubernetes (CBL-Mariner) | Unknown | Unknown | None | Base: 5 Temporal: 5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L |
1.28.3-2 | Unknown | None |
| CBL Mariner 2.0 ARM | kubernetes (CBL-Mariner) | Unknown | Unknown | None | Base: 5 Temporal: 5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L |
1.28.3-1 | Unknown | None |
| CBL Mariner 2.0 x64 | kubernetes (CBL-Mariner) | Unknown | Unknown | None | Base: 5 Temporal: 5 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L |
1.28.3-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2020-8554 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2020-2981
MITRE NVD Issuing CNA: secalert_us@oracle.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7/TemporalScore:7
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    07/30/2021     Information published. 2.0    12/16/2021     Added libdb to CBL-Mariner 2.0 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2020-2981 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-7 | Unknown | None |
| Azure Linux 3.0 x64 | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-7 | Unknown | None |
| CBL Mariner 1.0 ARM | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-5 | Unknown | None |
| CBL Mariner 1.0 x64 | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-5 | Unknown | None |
| CBL Mariner 2.0 ARM | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-7 | Unknown | None |
| CBL Mariner 2.0 x64 | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-7 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2020-2981 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2020-28366
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    11/19/2020     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2020-28366 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | python-tensorboard (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
2.16.2-1 | Unknown | None |
| Azure Linux 3.0 x64 | python-tensorboard (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
2.16.2-1 | Unknown | None |
| CBL Mariner 1.0 ARM | golang (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
1.15.13-1 | Unknown | None |
| CBL Mariner 1.0 x64 | golang (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
1.15.13-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2020-28366 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2020-27815
MITRE NVD Issuing CNA: secalert@redhat.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:7.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    10/11/2023     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2020-27815 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
6.6.29.1-4 | Unknown | None |
| Azure Linux 3.0 x64 | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
6.6.29.1-4 | Unknown | None |
| CBL Mariner 2.0 ARM | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
5.15.135.1-2 | Unknown | None |
| CBL Mariner 2.0 x64 | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
5.15.135.1-2 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2020-27815 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2020-24370
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5.3/TemporalScore:5.3
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2020-24370 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | lua (CBL-Mariner) | Unknown | Unknown | None | Base: 5.3 Temporal: 5.3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
5.4.6-1 | Unknown | None |
| Azure Linux 3.0 x64 | lua (CBL-Mariner) | Unknown | Unknown | None | Base: 5.3 Temporal: 5.3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
5.4.6-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2020-24370 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2020-25657
MITRE NVD Issuing CNA: secalert@redhat.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5.9/TemporalScore:5.9
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    07/14/2022     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2020-25657 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | m2crypto (CBL-Mariner) | Unknown | Unknown | None | Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N |
0.38.0-3 | Unknown | None |
| Azure Linux 3.0 x64 | m2crypto (CBL-Mariner) | Unknown | Unknown | None | Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N |
0.38.0-3 | Unknown | None |
| CBL Mariner 2.0 ARM | m2crypto (CBL-Mariner) | Unknown | Unknown | None | Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N |
0.38.0-3 | Unknown | None |
| CBL Mariner 2.0 x64 | m2crypto (CBL-Mariner) | Unknown | Unknown | None | Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N |
0.38.0-3 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2020-25657 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2021-33640
MITRE NVD Issuing CNA: securities@openeuler.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:9.8/TemporalScore:9.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    01/12/2023     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2021-33640 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | libtar (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
1.2.20-11 | Unknown | None |
| Azure Linux 3.0 x64 | libtar (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
1.2.20-11 | Unknown | None |
| CBL Mariner 1.0 ARM | libtar (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
1.2.20-11 | Unknown | None |
| CBL Mariner 1.0 x64 | libtar (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
1.2.20-11 | Unknown | None |
| CBL Mariner 2.0 ARM | libtar (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
1.2.20-11 | Unknown | None |
| CBL Mariner 2.0 x64 | libtar (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
1.2.20-11 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2021-33640 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2021-33643
MITRE NVD Issuing CNA: securities@openeuler.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:9.1/TemporalScore:9.1
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    08/16/2022     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2021-33643 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | libtar (CBL-Mariner) | Unknown | Unknown | None | Base: 9.1 Temporal: 9.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H |
1.2.20-11 | Unknown | None |
| Azure Linux 3.0 x64 | libtar (CBL-Mariner) | Unknown | Unknown | None | Base: 9.1 Temporal: 9.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H |
1.2.20-11 | Unknown | None |
| CBL Mariner 1.0 ARM | libtar (CBL-Mariner) | Unknown | Unknown | None | Base: 9.1 Temporal: 9.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H |
1.2.20-10 | Unknown | None |
| CBL Mariner 1.0 x64 | libtar (CBL-Mariner) | Unknown | Unknown | None | Base: 9.1 Temporal: 9.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H |
1.2.20-10 | Unknown | None |
| CBL Mariner 2.0 ARM | libtar (CBL-Mariner) | Unknown | Unknown | None | Base: 9.1 Temporal: 9.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H |
1.2.20-10 | Unknown | None |
| CBL Mariner 2.0 x64 | libtar (CBL-Mariner) | Unknown | Unknown | None | Base: 9.1 Temporal: 9.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H |
1.2.20-10 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2021-33643 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2021-33645
MITRE NVD Issuing CNA: securities@openeuler.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    08/16/2022     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2021-33645 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | libtar (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
1.2.20-11 | Unknown | None |
| Azure Linux 3.0 x64 | libtar (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
1.2.20-11 | Unknown | None |
| CBL Mariner 1.0 ARM | libtar (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
1.2.20-10 | Unknown | None |
| CBL Mariner 1.0 x64 | libtar (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
1.2.20-10 | Unknown | None |
| CBL Mariner 2.0 ARM | libtar (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
1.2.20-10 | Unknown | None |
| CBL Mariner 2.0 x64 | libtar (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
1.2.20-10 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2021-33645 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2021-33644
MITRE NVD Issuing CNA: securities@openeuler.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:8.1/TemporalScore:8.1
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    08/16/2022     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2021-33644 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | libtar (CBL-Mariner) | Unknown | Unknown | None | Base: 8.1 Temporal: 8.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H |
1.2.20-11 | Unknown | None |
| Azure Linux 3.0 x64 | libtar (CBL-Mariner) | Unknown | Unknown | None | Base: 8.1 Temporal: 8.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H |
1.2.20-11 | Unknown | None |
| CBL Mariner 1.0 ARM | libtar (CBL-Mariner) | Unknown | Unknown | None | Base: 8.1 Temporal: 8.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H |
1.2.20-10 | Unknown | None |
| CBL Mariner 1.0 x64 | libtar (CBL-Mariner) | Unknown | Unknown | None | Base: 8.1 Temporal: 8.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H |
1.2.20-10 | Unknown | None |
| CBL Mariner 2.0 ARM | libtar (CBL-Mariner) | Unknown | Unknown | None | Base: 8.1 Temporal: 8.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H |
1.2.20-10 | Unknown | None |
| CBL Mariner 2.0 x64 | libtar (CBL-Mariner) | Unknown | Unknown | None | Base: 8.1 Temporal: 8.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H |
1.2.20-10 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2021-33644 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2021-33646
MITRE NVD Issuing CNA: securities@openeuler.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    08/16/2022     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2021-33646 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | libtar (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
1.2.20-11 | Unknown | None |
| Azure Linux 3.0 x64 | libtar (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
1.2.20-11 | Unknown | None |
| CBL Mariner 1.0 ARM | libtar (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
1.2.20-10 | Unknown | None |
| CBL Mariner 1.0 x64 | libtar (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
1.2.20-10 | Unknown | None |
| CBL Mariner 2.0 ARM | libtar (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
1.2.20-10 | Unknown | None |
| CBL Mariner 2.0 x64 | libtar (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
1.2.20-10 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2021-33646 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2021-33391
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:9.8/TemporalScore:9.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    02/27/2023     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2021-33391 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | tidy (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
5.8.0-6 | Unknown | None |
| Azure Linux 3.0 x64 | tidy (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
5.8.0-6 | Unknown | None |
| CBL Mariner 2.0 ARM | tidy (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
5.8.0-6 | Unknown | None |
| CBL Mariner 2.0 x64 | tidy (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
5.8.0-6 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2021-33391 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2021-37501
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    02/14/2023     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2021-37501 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
1.12.1-13 | Unknown | None |
| Azure Linux 3.0 x64 | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
1.12.1-13 | Unknown | None |
| CBL Mariner 2.0 ARM | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
1.12.1-13 | Unknown | None |
| CBL Mariner 2.0 x64 | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
1.12.1-13 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2021-37501 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2021-3697
MITRE NVD Issuing CNA: secalert@redhat.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7/TemporalScore:7
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    10/05/2023     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2021-3697 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | grub2 (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |
2.06-14 | Unknown | None |
| Azure Linux 3.0 x64 | grub2 (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |
2.06-14 | Unknown | None |
| CBL Mariner 2.0 ARM | grub2 (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |
2.06-12 | Unknown | None |
| CBL Mariner 2.0 x64 | grub2 (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |
2.06-12 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2021-3697 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2021-36374
MITRE NVD Issuing CNA: security@apache.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5.5/TemporalScore:5.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    07/17/2021     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2021-36374 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | javapackages-bootstrap (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
1.14.0-2 | Unknown | None |
| Azure Linux 3.0 x64 | javapackages-bootstrap (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
1.14.0-2 | Unknown | None |
| CBL Mariner 1.0 ARM | ant (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
1.10.11-1 | Unknown | None |
| CBL Mariner 1.0 x64 | ant (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
1.10.11-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2021-36374 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2021-3696
MITRE NVD Issuing CNA: secalert@redhat.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:4.5/TemporalScore:4.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    10/05/2023     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2021-3696 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | grub2 (CBL-Mariner) | Unknown | Unknown | None | Base: 4.5 Temporal: 4.5 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L |
2.06-14 | Unknown | None |
| Azure Linux 3.0 x64 | grub2 (CBL-Mariner) | Unknown | Unknown | None | Base: 4.5 Temporal: 4.5 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L |
2.06-14 | Unknown | None |
| CBL Mariner 2.0 ARM | grub2 (CBL-Mariner) | Unknown | Unknown | None | Base: 4.5 Temporal: 4.5 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L |
2.06-12 | Unknown | None |
| CBL Mariner 2.0 x64 | grub2 (CBL-Mariner) | Unknown | Unknown | None | Base: 4.5 Temporal: 4.5 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L |
2.06-12 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2021-3696 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2021-3695
MITRE NVD Issuing CNA: secalert@redhat.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:4.5/TemporalScore:4.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    10/05/2023     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2021-3695 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | grub2 (CBL-Mariner) | Unknown | Unknown | None | Base: 4.5 Temporal: 4.5 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L |
2.06-14 | Unknown | None |
| Azure Linux 3.0 x64 | grub2 (CBL-Mariner) | Unknown | Unknown | None | Base: 4.5 Temporal: 4.5 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L |
2.06-14 | Unknown | None |
| CBL Mariner 2.0 ARM | grub2 (CBL-Mariner) | Unknown | Unknown | None | Base: 4.5 Temporal: 4.5 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L |
2.06-12 | Unknown | None |
| CBL Mariner 2.0 x64 | grub2 (CBL-Mariner) | Unknown | Unknown | None | Base: 4.5 Temporal: 4.5 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L |
2.06-12 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2021-3695 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2022-1941
MITRE NVD Issuing CNA: cve-coordination@google.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2022-1941 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | grpc (CBL-Mariner) keras (CBL-Mariner) protobuf (CBL-Mariner) python-tensorboard (CBL-Mariner) |
Unknown | Unknown | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
1.62.0-2 3.1.1-1 25.3-1 2.16.2-1 |
None | ||
| Azure Linux 3.0 x64 | grpc (CBL-Mariner) keras (CBL-Mariner) protobuf (CBL-Mariner) python-tensorboard (CBL-Mariner) |
Unknown | Unknown | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
1.62.0-2 3.1.1-1 25.3-1 2.16.2-1 |
None | ||
| CVE ID | Acknowledgements |
| CVE-2022-1941 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2022-0175
MITRE NVD Issuing CNA: secalert@redhat.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5.5/TemporalScore:5.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    09/03/2022     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2022-0175 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | virglrenderer (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
0.9.1-3 | Unknown | None |
| Azure Linux 3.0 x64 | virglrenderer (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
0.9.1-3 | Unknown | None |
| CBL Mariner 2.0 ARM | virglrenderer (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
0.9.1-3 | Unknown | None |
| CBL Mariner 2.0 x64 | virglrenderer (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
0.9.1-3 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2022-0175 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2022-0135
MITRE NVD Issuing CNA: secalert@redhat.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:7.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    08/30/2022     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2022-0135 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | virglrenderer (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
0.9.1-3 | Unknown | None |
| Azure Linux 3.0 x64 | virglrenderer (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
0.9.1-3 | Unknown | None |
| CBL Mariner 2.0 ARM | virglrenderer (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
0.9.1-2 | Unknown | None |
| CBL Mariner 2.0 x64 | virglrenderer (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
0.9.1-2 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2022-0135 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2022-1292
MITRE NVD Issuing CNA: openssl-security@openssl.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:9.8/TemporalScore:9.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    05/12/2022     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2022-1292 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | hvloader (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
1.0.1-2 | Unknown | None |
| Azure Linux 3.0 x64 | hvloader (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
1.0.1-2 | Unknown | None |
| CBL Mariner 1.0 ARM | openssl (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
1.1.1k-10 | Unknown | None |
| CBL Mariner 1.0 x64 | openssl (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
1.1.1k-10 | Unknown | None |
| CBL Mariner 2.0 ARM | openssl (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
1.1.1k-15 | Unknown | None |
| CBL Mariner 2.0 x64 | openssl (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
1.1.1k-15 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2022-1292 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2022-0670
MITRE NVD Issuing CNA: secalert@redhat.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:9.1/TemporalScore:9.1
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    08/02/2022     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2022-0670 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | ceph (CBL-Mariner) | Unknown | Unknown | None | Base: 9.1 Temporal: 9.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N |
18.2.1-1 | Unknown | None |
| Azure Linux 3.0 x64 | ceph (CBL-Mariner) | Unknown | Unknown | None | Base: 9.1 Temporal: 9.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N |
18.2.1-1 | Unknown | None |
| CBL Mariner 1.0 ARM | ceph (CBL-Mariner) | Unknown | Unknown | None | Base: 9.1 Temporal: 9.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N |
16.2.10-1 | Unknown | None |
| CBL Mariner 1.0 x64 | ceph (CBL-Mariner) | Unknown | Unknown | None | Base: 9.1 Temporal: 9.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N |
16.2.10-1 | Unknown | None |
| CBL Mariner 2.0 ARM | ceph (CBL-Mariner) | Unknown | Unknown | None | Base: 9.1 Temporal: 9.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N |
16.2.10-1 | Unknown | None |
| CBL Mariner 2.0 x64 | ceph (CBL-Mariner) | Unknown | Unknown | None | Base: 9.1 Temporal: 9.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N |
16.2.10-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2022-0670 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2022-23639
MITRE NVD Issuing CNA: security-advisories@github.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:8.1/TemporalScore:8.1
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2022-23639 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | librsvg2 (CBL-Mariner) | Unknown | Unknown | None | Base: 8.1 Temporal: 8.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
2.58.1-1 | Unknown | None |
| Azure Linux 3.0 x64 | librsvg2 (CBL-Mariner) | Unknown | Unknown | None | Base: 8.1 Temporal: 8.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
2.58.1-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2022-23639 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2022-24713
MITRE NVD Issuing CNA: security-advisories@github.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2022-24713 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | librsvg2 (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
2.58.1-1 | Unknown | None |
| Azure Linux 3.0 x64 | librsvg2 (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
2.58.1-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2022-24713 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2022-2601
MITRE NVD Issuing CNA: secalert@redhat.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:8.6/TemporalScore:8.6
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    12/17/2022     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2022-2601 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | grub2 (CBL-Mariner) | Unknown | Unknown | None | Base: 8.6 Temporal: 8.6 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H |
2.06-14 | Unknown | None |
| Azure Linux 3.0 x64 | grub2 (CBL-Mariner) | Unknown | Unknown | None | Base: 8.6 Temporal: 8.6 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H |
2.06-14 | Unknown | None |
| CBL Mariner 1.0 ARM | grub2 (CBL-Mariner) | Unknown | Unknown | None | Base: 8.6 Temporal: 8.6 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H |
2.06~rc1-9 | Unknown | None |
| CBL Mariner 1.0 x64 | grub2 (CBL-Mariner) | Unknown | Unknown | None | Base: 8.6 Temporal: 8.6 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H |
2.06~rc1-9 | Unknown | None |
| CBL Mariner 2.0 ARM | grub2 (CBL-Mariner) | Unknown | Unknown | None | Base: 8.6 Temporal: 8.6 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H |
2.06-8 | Unknown | None |
| CBL Mariner 2.0 x64 | grub2 (CBL-Mariner) | Unknown | Unknown | None | Base: 8.6 Temporal: 8.6 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H |
2.06-8 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2022-2601 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2022-21698
MITRE NVD Issuing CNA: security-advisories@github.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    11/08/2023     Information published. 2.0    01/24/2024     Added application-gateway-kubernetes-ingress to CBL-Mariner 2.0 Added kube-vip-cloud-provider to CBL-Mariner 2.0 Added local-path-provisioner to CBL-Mariner 2.0 Added moby-buildx to CBL-Mariner 2.0 3.0    04/11/2024     Added cri-o to CBL-Mariner 2.0 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2022-21698 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | keda (CBL-Mariner) moby-engine (CBL-Mariner) node-problem-detector (CBL-Mariner) |
Unknown | Unknown | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
2.14.0-1 25.0.3-1 0.8.15-1 |
None | ||
| Azure Linux 3.0 x64 | keda (CBL-Mariner) moby-engine (CBL-Mariner) node-problem-detector (CBL-Mariner) |
Unknown | Unknown | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
2.14.0-1 25.0.3-1 0.8.15-1 |
None | ||
| CBL Mariner 2.0 ARM | application-gateway-kubernetes-ingress (CBL-Mariner) cri-o (CBL-Mariner) kube-vip-cloud-provider (CBL-Mariner) kured (CBL-Mariner) |
Unknown | Unknown | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
1.4.0-17 1.21.7-2 0.0.2-14 1.13.2-1 |
None | ||
| CBL Mariner 2.0 x64 | application-gateway-kubernetes-ingress (CBL-Mariner) cri-o (CBL-Mariner) kube-vip-cloud-provider (CBL-Mariner) kured (CBL-Mariner) |
Unknown | Unknown | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
1.4.0-17 1.21.7-2 0.0.2-14 1.13.2-1 |
None | ||
| CVE ID | Acknowledgements |
| CVE-2022-21698 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2022-28736
MITRE NVD Issuing CNA: security@ubuntu.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:7.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    07/29/2023     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2022-28736 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | grub2 (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
2.06-14 | Unknown | None |
| Azure Linux 3.0 x64 | grub2 (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
2.06-14 | Unknown | None |
| CBL Mariner 2.0 ARM | grub2 (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
2.06-12 | Unknown | None |
| CBL Mariner 2.0 x64 | grub2 (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
2.06-12 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2022-28736 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2022-28735
MITRE NVD Issuing CNA: security@ubuntu.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:7.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    07/29/2023     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2022-28735 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | grub2 (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
2.06-14 | Unknown | None |
| Azure Linux 3.0 x64 | grub2 (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
2.06-14 | Unknown | None |
| CBL Mariner 2.0 ARM | grub2 (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
2.06-12 | Unknown | None |
| CBL Mariner 2.0 x64 | grub2 (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
2.06-12 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2022-28735 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2022-2879
MITRE NVD Issuing CNA: security@golang.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    10/19/2022     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2022-2879 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | ig (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
0.29.0-1 | Unknown | None |
| Azure Linux 3.0 x64 | ig (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
0.29.0-1 | Unknown | None |
| CBL Mariner 2.0 ARM | golang (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
1.21.6-1 | Unknown | None |
| CBL Mariner 2.0 x64 | golang (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
1.21.6-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2022-2879 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2022-32149
MITRE NVD Issuing CNA: security@golang.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    11/08/2023     Information published. 2.0    01/24/2024     Added sriov-network-device-plugin to CBL-Mariner 2.0 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2022-32149 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | keda (CBL-Mariner) kubevirt (CBL-Mariner) node-problem-detector (CBL-Mariner) sriov-network-device-plugin (CBL-Mariner) |
Unknown | Unknown | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
2.14.0-1 1.2.0-1 0.8.15-1 3.7.0-1 |
None | ||
| Azure Linux 3.0 x64 | keda (CBL-Mariner) kubevirt (CBL-Mariner) node-problem-detector (CBL-Mariner) sriov-network-device-plugin (CBL-Mariner) |
Unknown | Unknown | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
2.14.0-1 1.2.0-1 0.8.15-1 3.7.0-1 |
None | ||
| CBL Mariner 2.0 ARM | git-lfs (CBL-Mariner) kured (CBL-Mariner) node-problem-detector (CBL-Mariner) sriov-network-device-plugin (CBL-Mariner) |
Unknown | Unknown | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.4.1-1 1.13.2-1 0.8.17-2 3.6.2-2 |
None | ||
| CBL Mariner 2.0 x64 | git-lfs (CBL-Mariner) kured (CBL-Mariner) node-problem-detector (CBL-Mariner) sriov-network-device-plugin (CBL-Mariner) |
Unknown | Unknown | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.4.1-1 1.13.2-1 0.8.17-2 3.6.2-2 |
None | ||
| CVE ID | Acknowledgements |
| CVE-2022-32149 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2022-3162
MITRE NVD Issuing CNA: security@kubernetes.io |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:6.5/TemporalScore:6.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    03/06/2023     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2022-3162 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | keda (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
2.14.0-1 | Unknown | None |
| Azure Linux 3.0 x64 | keda (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
2.14.0-1 | Unknown | None |
| CBL Mariner 2.0 ARM | cert-manager (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
1.11.2-1 | Unknown | None |
| CBL Mariner 2.0 x64 | cert-manager (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
1.11.2-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2022-3162 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2022-34038
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    08/31/2023     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2022-34038 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | etcd (CBL-Mariner) kubernetes (CBL-Mariner) |
Unknown | Unknown | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.5.12-1 1.29.1-2 |
None | ||
| Azure Linux 3.0 x64 | etcd (CBL-Mariner) kubernetes (CBL-Mariner) |
Unknown | Unknown | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.5.12-1 1.29.1-2 |
None | ||
| CBL Mariner 2.0 ARM | etcd (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.5.12-1 | Unknown | None |
| CBL Mariner 2.0 x64 | etcd (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.5.12-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2022-34038 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2022-32221
MITRE NVD Issuing CNA: support@hackerone.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:9.8/TemporalScore:9.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2022-32221 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | tensorflow (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
2.16.1-1 | Unknown | None |
| Azure Linux 3.0 x64 | tensorflow (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
2.16.1-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2022-32221 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2022-33064
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:7.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2022-33064 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | libsndfile (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
1.2.2-1 | Unknown | None |
| Azure Linux 3.0 x64 | libsndfile (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
1.2.2-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2022-33064 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2022-3650
MITRE NVD Issuing CNA: secalert@redhat.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:7.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    04/08/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2022-3650 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | ceph (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
18.2.1-1 | Unknown | None |
| Azure Linux 3.0 x64 | ceph (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
18.2.1-1 | Unknown | None |
| CBL Mariner 2.0 ARM | ceph (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
16.2.10-4 | Unknown | None |
| CBL Mariner 2.0 x64 | ceph (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
16.2.10-4 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2022-3650 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2022-3563
MITRE NVD Issuing CNA: cna@vuldb.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5.7/TemporalScore:5.7
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    09/23/2023     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2022-3563 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | bluez (CBL-Mariner) | Unknown | Unknown | None | Base: 5.7 Temporal: 5.7 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
5.63-4 | Unknown | None |
| Azure Linux 3.0 x64 | bluez (CBL-Mariner) | Unknown | Unknown | None | Base: 5.7 Temporal: 5.7 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
5.63-4 | Unknown | None |
| CBL Mariner 2.0 ARM | bluez (CBL-Mariner) | Unknown | Unknown | None | Base: 5.7 Temporal: 5.7 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
5.63-4 | Unknown | None |
| CBL Mariner 2.0 x64 | bluez (CBL-Mariner) | Unknown | Unknown | None | Base: 5.7 Temporal: 5.7 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
5.63-4 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2022-3563 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2022-36763
MITRE NVD Issuing CNA: infosec@edk2.groups.io |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:7.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    04/08/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2022-36763 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | edk2 (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
20240223gitedc6681206c1-1 | Unknown | None |
| Azure Linux 3.0 x64 | edk2 (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
20240223gitedc6681206c1-1 | Unknown | None |
| CBL Mariner 2.0 ARM | hvloader (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.0.1-3 | Unknown | None |
| CBL Mariner 2.0 x64 | hvloader (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.0.1-3 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2022-36763 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2022-3857
MITRE NVD Issuing CNA: secalert@redhat.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5.5/TemporalScore:5.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2022-3857 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | tensorflow (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
2.16.1-1 | Unknown | None |
| Azure Linux 3.0 x64 | tensorflow (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
2.16.1-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2022-3857 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2022-3821
MITRE NVD Issuing CNA: secalert@redhat.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5.5/TemporalScore:5.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    11/17/2022     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2022-3821 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | systemd-bootstrap (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
250.3-17 | Unknown | None |
| Azure Linux 3.0 x64 | systemd-bootstrap (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
250.3-17 | Unknown | None |
| CBL Mariner 1.0 ARM | systemd (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
239-43 | Unknown | None |
| CBL Mariner 1.0 x64 | systemd (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
239-43 | Unknown | None |
| CBL Mariner 2.0 ARM | systemd (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
250.3-10 | Unknown | None |
| CBL Mariner 2.0 x64 | systemd (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
250.3-10 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2022-3821 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2022-3775
MITRE NVD Issuing CNA: secalert@redhat.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.1/TemporalScore:7.1
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    12/29/2022     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2022-3775 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | grub2 (CBL-Mariner) | Unknown | Unknown | None | Base: 7.1 Temporal: 7.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H |
2.06-14 | Unknown | None |
| Azure Linux 3.0 x64 | grub2 (CBL-Mariner) | Unknown | Unknown | None | Base: 7.1 Temporal: 7.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H |
2.06-14 | Unknown | None |
| CBL Mariner 1.0 ARM | grub2 (CBL-Mariner) | Unknown | Unknown | None | Base: 7.1 Temporal: 7.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H |
2.06~rc1-10 | Unknown | None |
| CBL Mariner 1.0 x64 | grub2 (CBL-Mariner) | Unknown | Unknown | None | Base: 7.1 Temporal: 7.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H |
2.06~rc1-10 | Unknown | None |
| CBL Mariner 2.0 ARM | grub2 (CBL-Mariner) | Unknown | Unknown | None | Base: 7.1 Temporal: 7.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H |
2.06-10 | Unknown | None |
| CBL Mariner 2.0 x64 | grub2 (CBL-Mariner) | Unknown | Unknown | None | Base: 7.1 Temporal: 7.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H |
2.06-10 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2022-3775 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2022-3854
MITRE NVD Issuing CNA: secalert@redhat.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:6.5/TemporalScore:6.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    04/08/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2022-3854 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | ceph (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
18.2.1-1 | Unknown | None |
| Azure Linux 3.0 x64 | ceph (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
18.2.1-1 | Unknown | None |
| CBL Mariner 2.0 ARM | ceph (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
16.2.10-4 | Unknown | None |
| CBL Mariner 2.0 x64 | ceph (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
16.2.10-4 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2022-3854 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2022-42915
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:8.1/TemporalScore:8.1
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    11/09/2022     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2022-42915 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | tensorflow (CBL-Mariner) | Unknown | Unknown | None | Base: 8.1 Temporal: 8.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
2.16.1-1 | Unknown | None |
| Azure Linux 3.0 x64 | tensorflow (CBL-Mariner) | Unknown | Unknown | None | Base: 8.1 Temporal: 8.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
2.16.1-1 | Unknown | None |
| CBL Mariner 1.0 ARM | curl (CBL-Mariner) | Unknown | Unknown | None | Base: 8.1 Temporal: 8.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
7.86.0-1 | Unknown | None |
| CBL Mariner 1.0 x64 | curl (CBL-Mariner) | Unknown | Unknown | None | Base: 8.1 Temporal: 8.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
7.86.0-1 | Unknown | None |
| CBL Mariner 2.0 ARM | curl (CBL-Mariner) | Unknown | Unknown | None | Base: 8.1 Temporal: 8.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
7.86.0-1 | Unknown | None |
| CBL Mariner 2.0 x64 | curl (CBL-Mariner) | Unknown | Unknown | None | Base: 8.1 Temporal: 8.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
7.86.0-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2022-42915 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2022-42916
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    11/09/2022     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2022-42916 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | tensorflow (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
2.16.1-1 | Unknown | None |
| Azure Linux 3.0 x64 | tensorflow (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
2.16.1-1 | Unknown | None |
| CBL Mariner 1.0 ARM | curl (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
7.86.0-1 | Unknown | None |
| CBL Mariner 1.0 x64 | curl (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
7.86.0-1 | Unknown | None |
| CBL Mariner 2.0 ARM | curl (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
7.86.0-1 | Unknown | None |
| CBL Mariner 2.0 x64 | curl (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
7.86.0-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2022-42916 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2022-4304
MITRE NVD Issuing CNA: openssl-security@openssl.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5.9/TemporalScore:5.9
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    02/13/2023     Information published. 2.0    02/14/2023     Added openssl to CBL-Mariner 1.0 3.0    04/06/2024     Added hvloader to CBL-Mariner 2.0 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2022-4304 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | edk2 (CBL-Mariner) | Unknown | Unknown | None | Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N |
20240223gitedc6681206c1-1 | Unknown | None |
| Azure Linux 3.0 x64 | edk2 (CBL-Mariner) | Unknown | Unknown | None | Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N |
20240223gitedc6681206c1-1 | Unknown | None |
| CBL Mariner 1.0 ARM | openssl (CBL-Mariner) | Unknown | Unknown | None | Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N |
1.1.1k-13 | Unknown | None |
| CBL Mariner 1.0 x64 | openssl (CBL-Mariner) | Unknown | Unknown | None | Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N |
1.1.1k-13 | Unknown | None |
| CBL Mariner 2.0 ARM | cloud-hypervisor (CBL-Mariner) hvloader (CBL-Mariner) openssl (CBL-Mariner) rust (CBL-Mariner) |
Unknown | Unknown | Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N |
30.0-2 1.0.1-3 1.1.1k-21 1.72.0-2 |
None | ||
| CBL Mariner 2.0 x64 | cloud-hypervisor (CBL-Mariner) hvloader (CBL-Mariner) openssl (CBL-Mariner) rust (CBL-Mariner) |
Unknown | Unknown | Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N |
30.0-2 1.0.1-3 1.1.1k-21 1.72.0-2 |
None | ||
| CVE ID | Acknowledgements |
| CVE-2022-4304 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2022-45873
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5.5/TemporalScore:5.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    12/02/2022     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2022-45873 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | systemd-bootstrap (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
250.3-17 | Unknown | None |
| Azure Linux 3.0 x64 | systemd-bootstrap (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
250.3-17 | Unknown | None |
| CBL Mariner 2.0 ARM | systemd (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
250.3-12 | Unknown | None |
| CBL Mariner 2.0 x64 | systemd (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
250.3-12 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2022-45873 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2022-47085
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    07/31/2023     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2022-47085 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | ostree (CBL-Mariner) rpm-ostree (CBL-Mariner) |
Unknown | Unknown | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
2024.5-1 2022.1-7 |
None | ||
| Azure Linux 3.0 x64 | ostree (CBL-Mariner) rpm-ostree (CBL-Mariner) |
Unknown | Unknown | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
2024.5-1 2022.1-7 |
None | ||
| CBL Mariner 2.0 ARM | rpm-ostree (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
2022.1-5 | Unknown | None |
| CBL Mariner 2.0 x64 | rpm-ostree (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
2022.1-5 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2022-47085 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-1393
MITRE NVD Issuing CNA: secalert@redhat.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:7.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    04/03/2023     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-1393 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | xorg-x11-server (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.20.10-4 | Unknown | None |
| Azure Linux 3.0 x64 | xorg-x11-server (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.20.10-4 | Unknown | None |
| CBL Mariner 2.0 ARM | xorg-x11-server (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.20.10-4 | Unknown | None |
| CBL Mariner 2.0 x64 | xorg-x11-server (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.20.10-4 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-1393 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-0465
MITRE NVD Issuing CNA: openssl-security@openssl.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5.3/TemporalScore:5.3
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    04/05/2023     Information published. 2.0    04/25/2023     Added nodejs18 to CBL-Mariner 2.0 3.0    06/27/2023     Added rust to CBL-Mariner 2.0 4.0    10/11/2023     Added edk2 to CBL-Mariner 2.0 5.0    04/06/2024     Added hvloader to CBL-Mariner 2.0 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-0465 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | edk2 (CBL-Mariner) | Unknown | Unknown | None | Base: 5.3 Temporal: 5.3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N |
20230301gitf80f052277c8-37 | Unknown | None |
| Azure Linux 3.0 x64 | edk2 (CBL-Mariner) | Unknown | Unknown | None | Base: 5.3 Temporal: 5.3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N |
20230301gitf80f052277c8-37 | Unknown | None |
| CBL Mariner 1.0 ARM | openssl (CBL-Mariner) | Unknown | Unknown | None | Base: 5.3 Temporal: 5.3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N |
1.1.1k-15 | Unknown | None |
| CBL Mariner 1.0 x64 | openssl (CBL-Mariner) | Unknown | Unknown | None | Base: 5.3 Temporal: 5.3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N |
1.1.1k-15 | Unknown | None |
| CBL Mariner 2.0 ARM | edk2 (CBL-Mariner) hvloader (CBL-Mariner) nodejs18 (CBL-Mariner) openssl (CBL-Mariner) |
Unknown | Unknown | Base: 5.3 Temporal: 5.3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N |
20230301gitf80f052277c8-37 1.0.1-3 18.17.1-2 1.1.1k-23 |
None | ||
| CBL Mariner 2.0 x64 | edk2 (CBL-Mariner) hvloader (CBL-Mariner) nodejs18 (CBL-Mariner) openssl (CBL-Mariner) |
Unknown | Unknown | Base: 5.3 Temporal: 5.3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N |
20230301gitf80f052277c8-37 1.0.1-3 18.17.1-2 1.1.1k-23 |
None | ||
| CVE ID | Acknowledgements |
| CVE-2023-0465 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-25660
MITRE NVD Issuing CNA: security-advisories@github.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-25660 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | tensorflow (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
2.16.1-1 | Unknown | None |
| Azure Linux 3.0 x64 | tensorflow (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
2.16.1-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-25660 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-25659
MITRE NVD Issuing CNA: security-advisories@github.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-25659 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | tensorflow (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
2.16.1-1 | Unknown | None |
| Azure Linux 3.0 x64 | tensorflow (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
2.16.1-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-25659 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-25662
MITRE NVD Issuing CNA: security-advisories@github.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-25662 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | tensorflow (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
2.16.1-1 | Unknown | None |
| Azure Linux 3.0 x64 | tensorflow (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
2.16.1-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-25662 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-25658
MITRE NVD Issuing CNA: security-advisories@github.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-25658 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | tensorflow (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
2.16.1-1 | Unknown | None |
| Azure Linux 3.0 x64 | tensorflow (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
2.16.1-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-25658 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-25012
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:4.6/TemporalScore:4.6
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    02/11/2023     Information published. 2.0    05/09/2023     Added hyperv-daemons to CBL-Mariner 2.0 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-25012 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | hyperv-daemons (CBL-Mariner) | Unknown | Unknown | None | Base: 4.6 Temporal: 4.6 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
6.6.14.1-1 | Unknown | None |
| Azure Linux 3.0 x64 | hyperv-daemons (CBL-Mariner) | Unknown | Unknown | None | Base: 4.6 Temporal: 4.6 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
6.6.14.1-1 | Unknown | None |
| CBL Mariner 1.0 ARM | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: 4.6 Temporal: 4.6 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
5.10.177.1-1 | Unknown | None |
| CBL Mariner 1.0 x64 | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: 4.6 Temporal: 4.6 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
5.10.177.1-1 | Unknown | None |
| CBL Mariner 2.0 ARM | hyperv-daemons (CBL-Mariner) kernel (CBL-Mariner) |
Unknown | Unknown | Base: 4.6 Temporal: 4.6 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
5.15.118.1-1 5.15.107.1-2 |
None | ||
| CBL Mariner 2.0 x64 | hyperv-daemons (CBL-Mariner) kernel (CBL-Mariner) |
Unknown | Unknown | Base: 4.6 Temporal: 4.6 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
5.15.118.1-1 5.15.107.1-2 |
None | ||
| CVE ID | Acknowledgements |
| CVE-2023-25012 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-23916
MITRE NVD Issuing CNA: cve-assignments@hackerone.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:6.5/TemporalScore:6.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    02/24/2023     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-23916 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | cmake (CBL-Mariner) tensorflow (CBL-Mariner) |
Unknown | Unknown | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
3.28.2-1 2.16.1-1 |
None | ||
| Azure Linux 3.0 x64 | cmake (CBL-Mariner) tensorflow (CBL-Mariner) |
Unknown | Unknown | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
3.28.2-1 2.16.1-1 |
None | ||
| CBL Mariner 1.0 ARM | curl (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
7.88.1-1 | Unknown | None |
| CBL Mariner 1.0 x64 | curl (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
7.88.1-1 | Unknown | None |
| CBL Mariner 2.0 ARM | curl (CBL-Mariner) mysql (CBL-Mariner) rust (CBL-Mariner) |
Unknown | Unknown | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
7.88.1-1 8.0.33-1 1.72.0-2 |
None | ||
| CBL Mariner 2.0 x64 | curl (CBL-Mariner) mysql (CBL-Mariner) rust (CBL-Mariner) |
Unknown | Unknown | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
7.88.1-1 8.0.33-1 1.72.0-2 |
None | ||
| CVE ID | Acknowledgements |
| CVE-2023-23916 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-25153
MITRE NVD Issuing CNA: security-advisories@github.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5.5/TemporalScore:5.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    02/20/2023     Information published. 1.0    02/21/2023     Information published. 3.0    02/25/2023     Added moby-containerd to CBL-Mariner 2.0 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-25153 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | moby-engine (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
20.10.25-3 | Unknown | None |
| Azure Linux 3.0 x64 | moby-engine (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
20.10.25-3 | Unknown | None |
| CBL Mariner 1.0 ARM | moby-containerd (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
1.6.6+azure-9 | Unknown | None |
| CBL Mariner 1.0 x64 | moby-containerd (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
1.6.6+azure-9 | Unknown | None |
| CBL Mariner 2.0 ARM | moby-containerd (CBL-Mariner) moby-engine (CBL-Mariner) |
Unknown | Unknown | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
1.6.18-2 20.10.14-7 |
None | ||
| CBL Mariner 2.0 x64 | moby-containerd (CBL-Mariner) moby-engine (CBL-Mariner) |
Unknown | Unknown | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
1.6.18-2 20.10.14-7 |
None | ||
| CVE ID | Acknowledgements |
| CVE-2023-25153 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-23931
MITRE NVD Issuing CNA: security-advisories@github.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:6.5/TemporalScore:6.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-23931 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | python-cryptography (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L |
3.3.2-5 | Unknown | None |
| Azure Linux 3.0 x64 | python-cryptography (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L |
3.3.2-5 | Unknown | None |
| CBL Mariner 1.0 ARM | python-cryptography (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L |
3.3.2-2 | Unknown | None |
| CBL Mariner 1.0 x64 | python-cryptography (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L |
3.3.2-2 | Unknown | None |
| CBL Mariner 2.0 ARM | python-cryptography (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L |
3.3.2-4 | Unknown | None |
| CBL Mariner 2.0 x64 | python-cryptography (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L |
3.3.2-4 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-23931 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-25668
MITRE NVD Issuing CNA: security-advisories@github.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:9.8/TemporalScore:9.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-25668 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | tensorflow (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
2.16.1-1 | Unknown | None |
| Azure Linux 3.0 x64 | tensorflow (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
2.16.1-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-25668 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-25670
MITRE NVD Issuing CNA: security-advisories@github.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-25670 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | tensorflow (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
2.16.1-1 | Unknown | None |
| Azure Linux 3.0 x64 | tensorflow (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
2.16.1-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-25670 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-25669
MITRE NVD Issuing CNA: security-advisories@github.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-25669 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | tensorflow (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
2.16.1-1 | Unknown | None |
| Azure Linux 3.0 x64 | tensorflow (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
2.16.1-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-25669 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-25664
MITRE NVD Issuing CNA: security-advisories@github.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:9.8/TemporalScore:9.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-25664 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | tensorflow (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
2.16.1-1 | Unknown | None |
| Azure Linux 3.0 x64 | tensorflow (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
2.16.1-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-25664 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-25666
MITRE NVD Issuing CNA: security-advisories@github.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-25666 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | tensorflow (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
2.16.1-1 | Unknown | None |
| Azure Linux 3.0 x64 | tensorflow (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
2.16.1-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-25666 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-25665
MITRE NVD Issuing CNA: security-advisories@github.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-25665 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | tensorflow (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
2.16.1-1 | Unknown | None |
| Azure Linux 3.0 x64 | tensorflow (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
2.16.1-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-25665 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-25667
MITRE NVD Issuing CNA: security-advisories@github.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-25667 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | tensorflow (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
2.16.1-1 | Unknown | None |
| Azure Linux 3.0 x64 | tensorflow (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
2.16.1-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-25667 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-25672
MITRE NVD Issuing CNA: security-advisories@github.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-25672 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | tensorflow (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
2.16.1-1 | Unknown | None |
| Azure Linux 3.0 x64 | tensorflow (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
2.16.1-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-25672 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-25675
MITRE NVD Issuing CNA: security-advisories@github.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-25675 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | tensorflow (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
2.16.1-1 | Unknown | None |
| Azure Linux 3.0 x64 | tensorflow (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
2.16.1-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-25675 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-25676
MITRE NVD Issuing CNA: security-advisories@github.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-25676 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | tensorflow (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
2.16.1-1 | Unknown | None |
| Azure Linux 3.0 x64 | tensorflow (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
2.16.1-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-25676 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-25673
MITRE NVD Issuing CNA: security-advisories@github.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-25673 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | tensorflow (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
2.16.1-1 | Unknown | None |
| Azure Linux 3.0 x64 | tensorflow (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
2.16.1-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-25673 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-25674
MITRE NVD Issuing CNA: security-advisories@github.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-25674 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | tensorflow (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
2.16.1-1 | Unknown | None |
| Azure Linux 3.0 x64 | tensorflow (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
2.16.1-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-25674 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-27478
MITRE NVD Issuing CNA: security-advisories@github.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:6.5/TemporalScore:6.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-27478 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | libmemcached-awesome (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N |
1.1.4-1 | Unknown | None |
| Azure Linux 3.0 x64 | libmemcached-awesome (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N |
1.1.4-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-27478 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-2700
MITRE NVD Issuing CNA: secalert@redhat.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5.5/TemporalScore:5.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-2700 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | libvirt (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
7.10.0-5 | Unknown | None |
| Azure Linux 3.0 x64 | libvirt (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
7.10.0-5 | Unknown | None |
| CBL Mariner 2.0 ARM | libvirt (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
7.10.0-5 | Unknown | None |
| CBL Mariner 2.0 x64 | libvirt (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
7.10.0-5 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-2700 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-26964
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    05/17/2023     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-26964 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | kata-containers (CBL-Mariner) rpm-ostree (CBL-Mariner) |
Unknown | Unknown | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.2.0.azl0-2 2024.4-1 |
None | ||
| Azure Linux 3.0 x64 | kata-containers (CBL-Mariner) rpm-ostree (CBL-Mariner) |
Unknown | Unknown | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.2.0.azl0-2 2024.4-1 |
None | ||
| CBL Mariner 2.0 ARM | kata-containers (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.2.0.azl0-1 | Unknown | None |
| CBL Mariner 2.0 x64 | kata-containers (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.2.0.azl0-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-26964 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-27538
MITRE NVD Issuing CNA: support@hackerone.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5.5/TemporalScore:5.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    04/01/2023     Information published. 1.0    04/03/2023     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-27538 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | cmake (CBL-Mariner) tensorflow (CBL-Mariner) |
Unknown | Unknown | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
3.28.2-1 2.16.1-1 |
None | ||
| Azure Linux 3.0 x64 | cmake (CBL-Mariner) tensorflow (CBL-Mariner) |
Unknown | Unknown | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
3.28.2-1 2.16.1-1 |
None | ||
| CBL Mariner 2.0 ARM | curl (CBL-Mariner) mysql (CBL-Mariner) rust (CBL-Mariner) |
Unknown | Unknown | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
8.0.1-1 8.0.34-1 1.72.0-2 |
None | ||
| CBL Mariner 2.0 x64 | curl (CBL-Mariner) mysql (CBL-Mariner) rust (CBL-Mariner) |
Unknown | Unknown | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
8.0.1-1 8.0.34-1 1.72.0-2 |
None | ||
| CVE ID | Acknowledgements |
| CVE-2023-27538 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-27537
MITRE NVD Issuing CNA: support@hackerone.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5.9/TemporalScore:5.9
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    04/03/2023     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-27537 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | cmake (CBL-Mariner) tensorflow (CBL-Mariner) |
Unknown | Unknown | Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.28.2-1 2.16.1-1 |
None | ||
| Azure Linux 3.0 x64 | cmake (CBL-Mariner) tensorflow (CBL-Mariner) |
Unknown | Unknown | Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.28.2-1 2.16.1-1 |
None | ||
| CBL Mariner 2.0 ARM | mysql (CBL-Mariner) rust (CBL-Mariner) |
Unknown | Unknown | Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |
8.0.33-1 1.72.0-2 |
None | ||
| CBL Mariner 2.0 x64 | mysql (CBL-Mariner) rust (CBL-Mariner) |
Unknown | Unknown | Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |
8.0.33-1 1.72.0-2 |
None | ||
| CVE ID | Acknowledgements |
| CVE-2023-27537 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-28322
MITRE NVD Issuing CNA: support@hackerone.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:3.7/TemporalScore:3.7
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    05/27/2023     Information published. 2.0    05/28/2023     Added curl to CBL-Mariner 1.0 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-28322 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | cmake (CBL-Mariner) tensorflow (CBL-Mariner) |
Unknown | Unknown | Base: 3.7 Temporal: 3.7 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N |
3.21.4-10 2.16.1-1 |
None | ||
| Azure Linux 3.0 x64 | cmake (CBL-Mariner) tensorflow (CBL-Mariner) |
Unknown | Unknown | Base: 3.7 Temporal: 3.7 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N |
3.21.4-10 2.16.1-1 |
None | ||
| CBL Mariner 1.0 ARM | curl (CBL-Mariner) | Unknown | Unknown | None | Base: 3.7 Temporal: 3.7 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N |
7.88.1-2 | Unknown | None |
| CBL Mariner 1.0 x64 | curl (CBL-Mariner) | Unknown | Unknown | None | Base: 3.7 Temporal: 3.7 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N |
7.88.1-2 | Unknown | None |
| CBL Mariner 2.0 ARM | cmake (CBL-Mariner) curl (CBL-Mariner) mysql (CBL-Mariner) rust (CBL-Mariner) |
Unknown | Unknown | Base: 3.7 Temporal: 3.7 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N |
3.21.4-6 8.0.1-2 8.0.34-1 1.72.0-2 |
None | ||
| CBL Mariner 2.0 x64 | cmake (CBL-Mariner) curl (CBL-Mariner) mysql (CBL-Mariner) rust (CBL-Mariner) |
Unknown | Unknown | Base: 3.7 Temporal: 3.7 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N |
3.21.4-6 8.0.1-2 8.0.34-1 1.72.0-2 |
None | ||
| CVE ID | Acknowledgements |
| CVE-2023-28322 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-28321
MITRE NVD Issuing CNA: support@hackerone.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5.9/TemporalScore:5.9
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    05/27/2023     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-28321 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | tensorflow (CBL-Mariner) | Unknown | Unknown | None | Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N |
2.16.1-1 | Unknown | None |
| Azure Linux 3.0 x64 | tensorflow (CBL-Mariner) | Unknown | Unknown | None | Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N |
2.16.1-1 | Unknown | None |
| CBL Mariner 2.0 ARM | curl (CBL-Mariner) mysql (CBL-Mariner) rust (CBL-Mariner) |
Unknown | Unknown | Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N |
8.2.1-1 8.0.34-1 1.72.0-2 |
None | ||
| CBL Mariner 2.0 x64 | curl (CBL-Mariner) mysql (CBL-Mariner) rust (CBL-Mariner) |
Unknown | Unknown | Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N |
8.2.1-1 8.0.34-1 1.72.0-2 |
None | ||
| CVE ID | Acknowledgements |
| CVE-2023-28321 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-31975
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:3.3/TemporalScore:3.3
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    05/12/2023     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-31975 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | yasm (CBL-Mariner) | Unknown | Unknown | None | Base: 3.3 Temporal: 3.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L |
1.3.0-14 | Unknown | None |
| Azure Linux 3.0 x64 | yasm (CBL-Mariner) | Unknown | Unknown | None | Base: 3.3 Temporal: 3.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L |
1.3.0-14 | Unknown | None |
| CBL Mariner 1.0 ARM | yasm (CBL-Mariner) | Unknown | Unknown | None | Base: 3.3 Temporal: 3.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L |
1.3.0-14 | Unknown | None |
| CBL Mariner 1.0 x64 | yasm (CBL-Mariner) | Unknown | Unknown | None | Base: 3.3 Temporal: 3.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L |
1.3.0-14 | Unknown | None |
| CBL Mariner 2.0 ARM | yasm (CBL-Mariner) | Unknown | Unknown | None | Base: 3.3 Temporal: 3.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L |
1.3.0-14 | Unknown | None |
| CBL Mariner 2.0 x64 | yasm (CBL-Mariner) | Unknown | Unknown | None | Base: 3.3 Temporal: 3.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L |
1.3.0-14 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-31975 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-37920
MITRE NVD Issuing CNA: security-advisories@github.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:9.8/TemporalScore:9.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-37920 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | python-certifi (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
2024.02.02-1 | Unknown | None |
| Azure Linux 3.0 x64 | python-certifi (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
2024.02.02-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-37920 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-3750
MITRE NVD Issuing CNA: secalert@redhat.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5.3/TemporalScore:5.3
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-3750 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | libvirt (CBL-Mariner) | Unknown | Unknown | None | Base: 5.3 Temporal: 5.3 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H |
10.0.0-1 | Unknown | None |
| Azure Linux 3.0 x64 | libvirt (CBL-Mariner) | Unknown | Unknown | None | Base: 5.3 Temporal: 5.3 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H |
10.0.0-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-3750 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-37460
MITRE NVD Issuing CNA: security-advisories@github.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:9.8/TemporalScore:9.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    07/31/2023     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-37460 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | javapackages-bootstrap (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
1.5.0-4 | Unknown | None |
| Azure Linux 3.0 x64 | javapackages-bootstrap (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
1.5.0-4 | Unknown | None |
| CBL Mariner 2.0 ARM | javapackages-bootstrap (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
1.5.0-4 | Unknown | None |
| CBL Mariner 2.0 x64 | javapackages-bootstrap (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
1.5.0-4 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-37460 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-34411
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/13/2023     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-34411 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | rpm-ostree (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
2024.4-1 | Unknown | None |
| Azure Linux 3.0 x64 | rpm-ostree (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
2024.4-1 | Unknown | None |
| CBL Mariner 1.0 ARM | mozjs60 (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
60.9.0-13 | Unknown | None |
| CBL Mariner 1.0 x64 | mozjs60 (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
60.9.0-13 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-34411 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-36328
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:9.8/TemporalScore:9.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    09/05/2023     Information published. 2.0    09/06/2023     Added libtommath to CBL-Mariner 2.0 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-36328 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | libtommath (CBL-Mariner) tcl (CBL-Mariner) |
Unknown | Unknown | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
1.1.0-5 8.6.13-3 |
None | ||
| Azure Linux 3.0 x64 | libtommath (CBL-Mariner) tcl (CBL-Mariner) |
Unknown | Unknown | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
1.1.0-5 8.6.13-3 |
None | ||
| CBL Mariner 2.0 ARM | libtommath (CBL-Mariner) tcl (CBL-Mariner) |
Unknown | Unknown | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
1.1.0-5 8.6.13-2 |
None | ||
| CBL Mariner 2.0 x64 | libtommath (CBL-Mariner) tcl (CBL-Mariner) |
Unknown | Unknown | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
1.1.0-5 8.6.13-2 |
None | ||
| CVE ID | Acknowledgements |
| CVE-2023-36328 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-3817
MITRE NVD Issuing CNA: openssl-security@openssl.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5.3/TemporalScore:5.3
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    08/07/2023     Information published. 2.0    10/11/2023     Added edk2 to CBL-Mariner 2.0 3.0    04/06/2024     Added hvloader to CBL-Mariner 2.0 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-3817 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | edk2 (CBL-Mariner) kata-containers-cc (CBL-Mariner) |
Unknown | Unknown | Base: 5.3 Temporal: 5.3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
20230301gitf80f052277c8-37 3.2.0.azl0-3 |
None | ||
| Azure Linux 3.0 x64 | edk2 (CBL-Mariner) kata-containers-cc (CBL-Mariner) |
Unknown | Unknown | Base: 5.3 Temporal: 5.3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
20230301gitf80f052277c8-37 3.2.0.azl0-3 |
None | ||
| CBL Mariner 2.0 ARM | edk2 (CBL-Mariner) hvloader (CBL-Mariner) kata-containers-cc (CBL-Mariner) openssl (CBL-Mariner) |
Unknown | Unknown | Base: 5.3 Temporal: 5.3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
20230301gitf80f052277c8-37 1.0.1-3 0.6.3-3 1.1.1k-26 |
None | ||
| CBL Mariner 2.0 x64 | edk2 (CBL-Mariner) hvloader (CBL-Mariner) kata-containers-cc (CBL-Mariner) openssl (CBL-Mariner) |
Unknown | Unknown | Base: 5.3 Temporal: 5.3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
20230301gitf80f052277c8-37 1.0.1-3 0.6.3-3 1.1.1k-26 |
None | ||
| CVE ID | Acknowledgements |
| CVE-2023-3817 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-39325
MITRE NVD Issuing CNA: security@golang.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    10/23/2023     Information published. 2.0    10/24/2023     Added moby-compose to CBL-Mariner 2.0 Added moby-containerd-cc to CBL-Mariner 2.0 Added vitess to CBL-Mariner 2.0 2.0    10/28/2023     Added coredns to CBL-Mariner 2.0 4.0    01/18/2024     Added packer to CBL-Mariner 2.0 5.0    02/02/2024     Added kata-containers-cc to CBL-Mariner 2.0 6.0    03/07/2024     Added kata-containers to CBL-Mariner 2.0 5.0    04/20/2024     Added git-lfs to CBL-Mariner 2.0 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-39325 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | etcd (CBL-Mariner) moby-containerd-cc (CBL-Mariner) telegraf (CBL-Mariner) |
Unknown | Unknown | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.5.12-1 1.7.7-3 1.29.4-1 |
None | ||
| Azure Linux 3.0 x64 | etcd (CBL-Mariner) moby-containerd-cc (CBL-Mariner) telegraf (CBL-Mariner) |
Unknown | Unknown | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.5.12-1 1.7.7-3 1.29.4-1 |
None | ||
| CBL Mariner 2.0 ARM | blobfuse2 (CBL-Mariner) coredns (CBL-Mariner) cri-tools (CBL-Mariner) git-lfs (CBL-Mariner) |
Unknown | Unknown | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
2.1.1-1 1.11.1-2 1.29.0-2 3.5.1-1 |
None | ||
| CBL Mariner 2.0 x64 | blobfuse2 (CBL-Mariner) coredns (CBL-Mariner) cri-tools (CBL-Mariner) git-lfs (CBL-Mariner) |
Unknown | Unknown | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
2.1.1-1 1.11.1-2 1.29.0-2 3.5.1-1 |
None | ||
| CVE ID | Acknowledgements |
| CVE-2023-39325 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-38325
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-38325 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | python-cryptography (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |
42.0.5-1 | Unknown | None |
| Azure Linux 3.0 x64 | python-cryptography (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |
42.0.5-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-38325 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-38711
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:6.5/TemporalScore:6.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    08/26/2023     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-38711 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | libreswan (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
4.7-6 | Unknown | None |
| Azure Linux 3.0 x64 | libreswan (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
4.7-6 | Unknown | None |
| CBL Mariner 2.0 ARM | libreswan (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
4.7-5 | Unknown | None |
| CBL Mariner 2.0 x64 | libreswan (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
4.7-5 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-38711 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-38546
MITRE NVD Issuing CNA: support@hackerone.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:3.7/TemporalScore:3.7
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    10/10/2023     Information published. 1.0    10/18/2023     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-38546 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | cmake (CBL-Mariner) tensorflow (CBL-Mariner) |
Unknown | Unknown | Base: 3.7 Temporal: 3.7 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N |
3.21.4-10 2.16.1-1 |
None | ||
| Azure Linux 3.0 x64 | cmake (CBL-Mariner) tensorflow (CBL-Mariner) |
Unknown | Unknown | Base: 3.7 Temporal: 3.7 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N |
3.21.4-10 2.16.1-1 |
None | ||
| CBL Mariner 2.0 ARM | cmake (CBL-Mariner) curl (CBL-Mariner) mysql (CBL-Mariner) |
Unknown | Unknown | Base: 3.7 Temporal: 3.7 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N |
3.21.4-10 8.3.0-2 8.0.35-1 |
None | ||
| CBL Mariner 2.0 x64 | cmake (CBL-Mariner) curl (CBL-Mariner) mysql (CBL-Mariner) |
Unknown | Unknown | Base: 3.7 Temporal: 3.7 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N |
3.21.4-10 8.3.0-2 8.0.35-1 |
None | ||
| CVE ID | Acknowledgements |
| CVE-2023-38546 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-38712
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:6.5/TemporalScore:6.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    08/26/2023     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-38712 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | libreswan (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
4.7-6 | Unknown | None |
| Azure Linux 3.0 x64 | libreswan (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
4.7-6 | Unknown | None |
| CBL Mariner 2.0 ARM | libreswan (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
4.7-5 | Unknown | None |
| CBL Mariner 2.0 x64 | libreswan (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
4.7-5 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-38712 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-38710
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:6.5/TemporalScore:6.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    08/26/2023     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-38710 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | libreswan (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
4.7-6 | Unknown | None |
| Azure Linux 3.0 x64 | libreswan (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
4.7-6 | Unknown | None |
| CBL Mariner 2.0 ARM | libreswan (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
4.7-5 | Unknown | None |
| CBL Mariner 2.0 x64 | libreswan (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
4.7-5 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-38710 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-41361
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:9.8/TemporalScore:9.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-41361 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | frr (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
9.1-2 | Unknown | None |
| Azure Linux 3.0 x64 | frr (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
9.1-2 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-41361 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-41913
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:9.8/TemporalScore:9.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    12/08/2023     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-41913 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | strongswan (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
5.9.12-1 | Unknown | None |
| Azure Linux 3.0 x64 | strongswan (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
5.9.12-1 | Unknown | None |
| CBL Mariner 2.0 ARM | strongswan (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
5.9.10-3 | Unknown | None |
| CBL Mariner 2.0 x64 | strongswan (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
5.9.10-3 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-41913 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-42282
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:9.8/TemporalScore:9.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    02/19/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-42282 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | nodejs (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
20.14.0-1 | Unknown | None |
| Azure Linux 3.0 x64 | nodejs (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
20.14.0-1 | Unknown | None |
| CBL Mariner 2.0 ARM | nodejs (CBL-Mariner) nodejs18 (CBL-Mariner) |
Unknown | Unknown | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
16.20.2-3 18.18.2-4 |
None | ||
| CBL Mariner 2.0 x64 | nodejs (CBL-Mariner) nodejs18 (CBL-Mariner) |
Unknown | Unknown | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
16.20.2-3 18.18.2-4 |
None | ||
| CVE ID | Acknowledgements |
| CVE-2023-42282 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-45142
MITRE NVD Issuing CNA: security-advisories@github.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    10/16/2023     Information published. 1.0    01/21/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-45142 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | docker-buildx (CBL-Mariner) kubernetes (CBL-Mariner) prometheus (CBL-Mariner) |
Unknown | Unknown | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
0.14.0-1 1.29.1-2 2.45.4-1 |
None | ||
| Azure Linux 3.0 x64 | docker-buildx (CBL-Mariner) kubernetes (CBL-Mariner) prometheus (CBL-Mariner) |
Unknown | Unknown | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
0.14.0-1 1.29.1-2 2.45.4-1 |
None | ||
| CBL Mariner 2.0 ARM | cri-tools (CBL-Mariner) opa (CBL-Mariner) |
Unknown | Unknown | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
1.29.0-2 0.63.0-1 |
None | ||
| CBL Mariner 2.0 x64 | cri-tools (CBL-Mariner) opa (CBL-Mariner) |
Unknown | Unknown | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
1.29.0-2 0.63.0-1 |
None | ||
| CVE ID | Acknowledgements |
| CVE-2023-45142 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-45232
MITRE NVD Issuing CNA: infosec@edk2.groups.io |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    04/08/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-45232 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | edk2 (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
20240223gitedc6681206c1-1 | Unknown | None |
| Azure Linux 3.0 x64 | edk2 (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
20240223gitedc6681206c1-1 | Unknown | None |
| CBL Mariner 2.0 ARM | hvloader (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
1.0.1-3 | Unknown | None |
| CBL Mariner 2.0 x64 | hvloader (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
1.0.1-3 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-45232 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-45230
MITRE NVD Issuing CNA: infosec@edk2.groups.io |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:8.8/TemporalScore:8.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    04/08/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-45230 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | edk2 (CBL-Mariner) | Unknown | Unknown | None | Base: 8.8 Temporal: 8.8 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
20240223gitedc6681206c1-1 | Unknown | None |
| Azure Linux 3.0 x64 | edk2 (CBL-Mariner) | Unknown | Unknown | None | Base: 8.8 Temporal: 8.8 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
20240223gitedc6681206c1-1 | Unknown | None |
| CBL Mariner 2.0 ARM | hvloader (CBL-Mariner) | Unknown | Unknown | None | Base: 8.8 Temporal: 8.8 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
1.0.1-3 | Unknown | None |
| CBL Mariner 2.0 x64 | hvloader (CBL-Mariner) | Unknown | Unknown | None | Base: 8.8 Temporal: 8.8 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
1.0.1-3 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-45230 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-4408
MITRE NVD Issuing CNA: security-officer@isc.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    02/19/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-4408 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | bind (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
9.19.21-1 | Unknown | None |
| Azure Linux 3.0 x64 | bind (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
9.19.21-1 | Unknown | None |
| CBL Mariner 2.0 ARM | bind (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
9.16.48-1 | Unknown | None |
| CBL Mariner 2.0 x64 | bind (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
9.16.48-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-4408 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-45231
MITRE NVD Issuing CNA: infosec@edk2.groups.io |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:6.5/TemporalScore:6.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    04/08/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-45231 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | edk2 (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
20240223gitedc6681206c1-1 | Unknown | None |
| Azure Linux 3.0 x64 | edk2 (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
20240223gitedc6681206c1-1 | Unknown | None |
| CBL Mariner 2.0 ARM | hvloader (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
1.0.1-3 | Unknown | None |
| CBL Mariner 2.0 x64 | hvloader (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
1.0.1-3 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-45231 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-45229
MITRE NVD Issuing CNA: infosec@edk2.groups.io |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:6.5/TemporalScore:6.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    04/08/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-45229 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | edk2 (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
20240223gitedc6681206c1-1 | Unknown | None |
| Azure Linux 3.0 x64 | edk2 (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
20240223gitedc6681206c1-1 | Unknown | None |
| CBL Mariner 2.0 ARM | hvloader (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
1.0.1-3 | Unknown | None |
| CBL Mariner 2.0 x64 | hvloader (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
1.0.1-3 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-45229 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-45233
MITRE NVD Issuing CNA: infosec@edk2.groups.io |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    04/08/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-45233 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | edk2 (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
20240223gitedc6681206c1-1 | Unknown | None |
| Azure Linux 3.0 x64 | edk2 (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
20240223gitedc6681206c1-1 | Unknown | None |
| CBL Mariner 2.0 ARM | hvloader (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
1.0.1-3 | Unknown | None |
| CBL Mariner 2.0 x64 | hvloader (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
1.0.1-3 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-45233 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-45237
MITRE NVD Issuing CNA: infosec@edk2.groups.io |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    04/08/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-45237 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | edk2 (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
20240223gitedc6681206c1-1 | Unknown | None |
| Azure Linux 3.0 x64 | edk2 (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
20240223gitedc6681206c1-1 | Unknown | None |
| CBL Mariner 2.0 ARM | hvloader (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
1.0.1-3 | Unknown | None |
| CBL Mariner 2.0 x64 | hvloader (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
1.0.1-3 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-45237 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-45235
MITRE NVD Issuing CNA: infosec@edk2.groups.io |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:8.8/TemporalScore:8.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    04/08/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-45235 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | edk2 (CBL-Mariner) | Unknown | Unknown | None | Base: 8.8 Temporal: 8.8 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
20240223gitedc6681206c1-1 | Unknown | None |
| Azure Linux 3.0 x64 | edk2 (CBL-Mariner) | Unknown | Unknown | None | Base: 8.8 Temporal: 8.8 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
20240223gitedc6681206c1-1 | Unknown | None |
| CBL Mariner 2.0 ARM | hvloader (CBL-Mariner) | Unknown | Unknown | None | Base: 8.8 Temporal: 8.8 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
1.0.1-3 | Unknown | None |
| CBL Mariner 2.0 x64 | hvloader (CBL-Mariner) | Unknown | Unknown | None | Base: 8.8 Temporal: 8.8 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
1.0.1-3 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-45235 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-46118
MITRE NVD Issuing CNA: security-advisories@github.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:4.9/TemporalScore:4.9
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-46118 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | rabbitmq-server (CBL-Mariner) | Unknown | Unknown | None | Base: 4.9 Temporal: 4.9 Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H |
3.13.0-1 | Unknown | None |
| Azure Linux 3.0 x64 | rabbitmq-server (CBL-Mariner) | Unknown | Unknown | None | Base: 4.9 Temporal: 4.9 Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H |
3.13.0-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-46118 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-45236
MITRE NVD Issuing CNA: infosec@edk2.groups.io |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    04/08/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-45236 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | edk2 (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
20240223gitedc6681206c1-1 | Unknown | None |
| Azure Linux 3.0 x64 | edk2 (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
20240223gitedc6681206c1-1 | Unknown | None |
| CBL Mariner 2.0 ARM | hvloader (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
1.0.1-3 | Unknown | None |
| CBL Mariner 2.0 x64 | hvloader (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
1.0.1-3 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-45236 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-45234
MITRE NVD Issuing CNA: infosec@edk2.groups.io |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:8.8/TemporalScore:8.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    04/08/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-45234 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | edk2 (CBL-Mariner) | Unknown | Unknown | None | Base: 8.8 Temporal: 8.8 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
20240223gitedc6681206c1-1 | Unknown | None |
| Azure Linux 3.0 x64 | edk2 (CBL-Mariner) | Unknown | Unknown | None | Base: 8.8 Temporal: 8.8 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
20240223gitedc6681206c1-1 | Unknown | None |
| CBL Mariner 2.0 ARM | hvloader (CBL-Mariner) | Unknown | Unknown | None | Base: 8.8 Temporal: 8.8 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
1.0.1-3 | Unknown | None |
| CBL Mariner 2.0 x64 | hvloader (CBL-Mariner) | Unknown | Unknown | None | Base: 8.8 Temporal: 8.8 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
1.0.1-3 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-45234 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-4535
MITRE NVD Issuing CNA: secalert@redhat.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:3.8/TemporalScore:3.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    11/16/2023     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-4535 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | opensc (CBL-Mariner) | Unknown | Unknown | None | Base: 3.8 Temporal: 3.8 Vector: CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L |
0.25.1-3 | Unknown | None |
| Azure Linux 3.0 x64 | opensc (CBL-Mariner) | Unknown | Unknown | None | Base: 3.8 Temporal: 3.8 Vector: CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L |
0.25.1-3 | Unknown | None |
| CBL Mariner 2.0 ARM | opensc (CBL-Mariner) | Unknown | Unknown | None | Base: 3.8 Temporal: 3.8 Vector: CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L |
0.23.0-2 | Unknown | None |
| CBL Mariner 2.0 x64 | opensc (CBL-Mariner) | Unknown | Unknown | None | Base: 3.8 Temporal: 3.8 Vector: CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L |
0.23.0-2 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-4535 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-45853
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:9.8/TemporalScore:9.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    10/16/2023     Information published. 2.0    10/17/2023     Added tcl to CBL-Mariner 2.0 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-45853 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | keras (CBL-Mariner) rust (CBL-Mariner) tcl (CBL-Mariner) zlib (CBL-Mariner) |
Unknown | Unknown | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.1.1-1 1.75.0-1 8.6.13-3 1.3.1-1 |
None | ||
| Azure Linux 3.0 x64 | keras (CBL-Mariner) rust (CBL-Mariner) tcl (CBL-Mariner) zlib (CBL-Mariner) |
Unknown | Unknown | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.1.1-1 1.75.0-1 8.6.13-3 1.3.1-1 |
None | ||
| CBL Mariner 2.0 ARM | boost (CBL-Mariner) cloud-hypervisor (CBL-Mariner) rust (CBL-Mariner) tcl (CBL-Mariner) |
Unknown | Unknown | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
1.76.0-4 32.0-2 1.72.0-5 8.6.13-3 |
None | ||
| CBL Mariner 2.0 x64 | boost (CBL-Mariner) cloud-hypervisor (CBL-Mariner) rust (CBL-Mariner) tcl (CBL-Mariner) |
Unknown | Unknown | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
1.76.0-4 32.0-2 1.72.0-5 8.6.13-3 |
None | ||
| CVE ID | Acknowledgements |
| CVE-2023-45853 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-46852
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    10/31/2023     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-46852 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | memcached (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
1.6.27-1 | Unknown | None |
| Azure Linux 3.0 x64 | memcached (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
1.6.27-1 | Unknown | None |
| CBL Mariner 2.0 ARM | memcached (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
1.6.22-1 | Unknown | None |
| CBL Mariner 2.0 x64 | memcached (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
1.6.22-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-46852 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-46813
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7/TemporalScore:7
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    11/08/2023     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-46813 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | hyperv-daemons (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |
6.6.29.1-1 | Unknown | None |
| Azure Linux 3.0 x64 | hyperv-daemons (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |
6.6.29.1-1 | Unknown | None |
| CBL Mariner 2.0 ARM | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |
5.15.137.1-1 | Unknown | None |
| CBL Mariner 2.0 x64 | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |
5.15.137.1-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-46813 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-4692
MITRE NVD Issuing CNA: secalert@redhat.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:7.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    10/27/2023     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-4692 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | grub2 (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
2.06-18 | Unknown | None |
| Azure Linux 3.0 x64 | grub2 (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
2.06-18 | Unknown | None |
| CBL Mariner 2.0 ARM | grub2 (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
2.06-13 | Unknown | None |
| CBL Mariner 2.0 x64 | grub2 (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
2.06-13 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-4692 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-46853
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:9.8/TemporalScore:9.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    11/01/2023     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-46853 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | memcached (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
1.6.27-1 | Unknown | None |
| Azure Linux 3.0 x64 | memcached (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
1.6.27-1 | Unknown | None |
| CBL Mariner 2.0 ARM | memcached (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
1.6.22-1 | Unknown | None |
| CBL Mariner 2.0 x64 | memcached (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
1.6.22-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-46853 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-46753
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5.9/TemporalScore:5.9
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    11/01/2023     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-46753 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | frr (CBL-Mariner) | Unknown | Unknown | None | Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |
9.1-2 | Unknown | None |
| Azure Linux 3.0 x64 | frr (CBL-Mariner) | Unknown | Unknown | None | Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |
9.1-2 | Unknown | None |
| CBL Mariner 2.0 ARM | frr (CBL-Mariner) | Unknown | Unknown | None | Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |
8.5.3-3 | Unknown | None |
| CBL Mariner 2.0 x64 | frr (CBL-Mariner) | Unknown | Unknown | None | Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |
8.5.3-3 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-46753 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-4785
MITRE NVD Issuing CNA: cve-coordination@google.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-4785 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | grpc (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
1.62.0-2 | Unknown | None |
| Azure Linux 3.0 x64 | grpc (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
1.62.0-2 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-4785 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-5215
MITRE NVD Issuing CNA: secalert@redhat.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:6.5/TemporalScore:6.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    10/06/2023     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-5215 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | libnbd (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
1.12.1-3 | Unknown | None |
| Azure Linux 3.0 x64 | libnbd (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
1.12.1-3 | Unknown | None |
| CBL Mariner 2.0 ARM | libnbd (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
1.12.1-3 | Unknown | None |
| CBL Mariner 2.0 x64 | libnbd (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
1.12.1-3 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-5215 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-5528
MITRE NVD Issuing CNA: security@kubernetes.io |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:8.8/TemporalScore:8.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    11/20/2023     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-5528 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | kubernetes (CBL-Mariner) | Unknown | Unknown | None | Base: 8.8 Temporal: 8.8 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.28.7-2 | Unknown | None |
| Azure Linux 3.0 x64 | kubernetes (CBL-Mariner) | Unknown | Unknown | None | Base: 8.8 Temporal: 8.8 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.28.7-2 | Unknown | None |
| CBL Mariner 2.0 ARM | kubernetes (CBL-Mariner) | Unknown | Unknown | None | Base: 8.8 Temporal: 8.8 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.28.4-1 | Unknown | None |
| CBL Mariner 2.0 x64 | kubernetes (CBL-Mariner) | Unknown | Unknown | None | Base: 8.8 Temporal: 8.8 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.28.4-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-5528 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-5408
MITRE NVD Issuing CNA: secalert@redhat.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.2/TemporalScore:7.2
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    11/07/2023     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-5408 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | kubernetes (CBL-Mariner) | Unknown | Unknown | None | Base: 7.2 Temporal: 7.2 Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
1.29.1-2 | Unknown | None |
| Azure Linux 3.0 x64 | kubernetes (CBL-Mariner) | Unknown | Unknown | None | Base: 7.2 Temporal: 7.2 Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
1.29.1-2 | Unknown | None |
| CBL Mariner 2.0 ARM | kubernetes (CBL-Mariner) | Unknown | Unknown | None | Base: 7.2 Temporal: 7.2 Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
1.28.4-5 | Unknown | None |
| CBL Mariner 2.0 x64 | kubernetes (CBL-Mariner) | Unknown | Unknown | None | Base: 7.2 Temporal: 7.2 Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
1.28.4-5 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-5408 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-5678
MITRE NVD Issuing CNA: openssl-security@openssl.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5.3/TemporalScore:5.3
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    11/13/2023     Information published. 2.0    03/07/2024     Added kata-containers to CBL-Mariner 2.0 3.0    04/06/2024     Added hvloader to CBL-Mariner 2.0 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-5678 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | kata-containers-cc (CBL-Mariner) edk2 (CBL-Mariner) kata-containers (CBL-Mariner) nodejs (CBL-Mariner) |
Unknown | Unknown | Base: 5.3 Temporal: 5.3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
3.2.0.azl1-1 20240223gitedc6681206c1-1 20.14.0-1 |
None | ||
| Azure Linux 3.0 x64 | edk2 (CBL-Mariner) kata-containers (CBL-Mariner) kata-containers-cc (CBL-Mariner) nodejs (CBL-Mariner) |
Unknown | Unknown | Base: 5.3 Temporal: 5.3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
20240223gitedc6681206c1-1 3.2.0.azl1-1 20.14.0-1 |
None | ||
| CBL Mariner 2.0 ARM | hvloader (CBL-Mariner) kata-containers (CBL-Mariner) kata-containers-cc (CBL-Mariner) nodejs18 (CBL-Mariner) |
Unknown | Unknown | Base: 5.3 Temporal: 5.3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
1.0.1-3 3.2.0.azl1-1 18.20.2-1 |
None | ||
| CBL Mariner 2.0 x64 | hvloader (CBL-Mariner) kata-containers (CBL-Mariner) kata-containers-cc (CBL-Mariner) nodejs18 (CBL-Mariner) |
Unknown | Unknown | Base: 5.3 Temporal: 5.3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
1.0.1-3 3.2.0.azl1-1 18.20.2-1 |
None | ||
| CVE ID | Acknowledgements |
| CVE-2023-5678 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-5517
MITRE NVD Issuing CNA: security-officer@isc.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    02/19/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-5517 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | bind (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
9.19.21-1 | Unknown | None |
| Azure Linux 3.0 x64 | bind (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
9.19.21-1 | Unknown | None |
| CBL Mariner 2.0 ARM | bind (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
9.16.48-1 | Unknown | None |
| CBL Mariner 2.0 x64 | bind (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
9.16.48-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-5517 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-5679
MITRE NVD Issuing CNA: security-officer@isc.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    02/19/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-5679 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | bind (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
9.19.21-1 | Unknown | None |
| Azure Linux 3.0 x64 | bind (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
9.19.21-1 | Unknown | None |
| CBL Mariner 2.0 ARM | bind (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
9.16.48-1 | Unknown | None |
| CBL Mariner 2.0 x64 | bind (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
9.16.48-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-5679 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-52426
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5.5/TemporalScore:5.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    02/09/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-52426 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | expat (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
2.6.2-1 | Unknown | None |
| Azure Linux 3.0 x64 | expat (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
2.6.2-1 | Unknown | None |
| CBL Mariner 2.0 ARM | expat (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
2.6.2-2 | Unknown | None |
| CBL Mariner 2.0 x64 | expat (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
2.6.2-2 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-52426 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-5764
MITRE NVD Issuing CNA: secalert@redhat.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:7.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    12/21/2023     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-5764 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | ansible (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
2.17.0-1 | Unknown | None |
| Azure Linux 3.0 x64 | ansible (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
2.17.0-1 | Unknown | None |
| CBL Mariner 2.0 ARM | ansible (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
2.14.12-1 | Unknown | None |
| CBL Mariner 2.0 x64 | ansible (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
2.14.12-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-5764 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-5992
MITRE NVD Issuing CNA: secalert@redhat.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5.9/TemporalScore:5.9
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-5992 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | opensc (CBL-Mariner) | Unknown | Unknown | None | Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N |
0.25.1-3 | Unknown | None |
| Azure Linux 3.0 x64 | opensc (CBL-Mariner) | Unknown | Unknown | None | Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N |
0.25.1-3 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-5992 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-52425
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    02/09/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-52425 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | expat (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
2.6.2-1 | Unknown | None |
| Azure Linux 3.0 x64 | expat (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
2.6.2-1 | Unknown | None |
| CBL Mariner 2.0 ARM | expat (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
2.6.2-2 | Unknown | None |
| CBL Mariner 2.0 x64 | expat (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
2.6.2-2 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-52425 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-52429
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5.5/TemporalScore:5.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    02/27/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-52429 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | hyperv-daemons (CBL-Mariner) kernel (CBL-Mariner) |
Unknown | Unknown | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
6.6.22.1-2 | None | ||
| Azure Linux 3.0 x64 | hyperv-daemons (CBL-Mariner) kernel (CBL-Mariner) |
Unknown | Unknown | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
6.6.22.1-2 | None | ||
| CBL Mariner 2.0 ARM | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
5.15.153.1-1 | Unknown | None |
| CBL Mariner 2.0 x64 | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
5.15.153.1-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-52429 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-0607
MITRE NVD Issuing CNA: secalert@redhat.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:6.6/TemporalScore:6.6
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    01/27/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-0607 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: 6.6 Temporal: 6.6 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H |
6.6.29.1-4 | Unknown | None |
| Azure Linux 3.0 x64 | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: 6.6 Temporal: 6.6 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H |
6.6.29.1-4 | Unknown | None |
| CBL Mariner 2.0 ARM | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: 6.6 Temporal: 6.6 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H |
5.15.148.1-1 | Unknown | None |
| CBL Mariner 2.0 x64 | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: 6.6 Temporal: 6.6 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H |
5.15.148.1-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-0607 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-0727
MITRE NVD Issuing CNA: openssl-security@openssl.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5.5/TemporalScore:5.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    01/29/2024     Information published. 2.0    03/07/2024     Added kata-containers to CBL-Mariner 2.0 3.0    04/06/2024     Added hvloader to CBL-Mariner 2.0 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-0727 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | kata-containers-cc (CBL-Mariner) kata-containers (CBL-Mariner) nodejs (CBL-Mariner) openssl (CBL-Mariner) |
Unknown | Unknown | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
3.2.0.azl1-1 20.14.0-1 3.3.0-1 |
None | ||
| Azure Linux 3.0 x64 | kata-containers (CBL-Mariner) kata-containers-cc (CBL-Mariner) nodejs (CBL-Mariner) openssl (CBL-Mariner) |
Unknown | Unknown | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
3.2.0.azl1-1 20.14.0-1 3.3.0-1 |
None | ||
| CBL Mariner 2.0 ARM | hvloader (CBL-Mariner) kata-containers (CBL-Mariner) kata-containers-cc (CBL-Mariner) nodejs18 (CBL-Mariner) |
Unknown | Unknown | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
1.0.1-3 3.2.0.azl1-1 18.20.2-1 |
None | ||
| CBL Mariner 2.0 x64 | hvloader (CBL-Mariner) kata-containers (CBL-Mariner) kata-containers-cc (CBL-Mariner) nodejs18 (CBL-Mariner) |
Unknown | Unknown | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
1.0.1-3 3.2.0.azl1-1 18.20.2-1 |
None | ||
| CVE ID | Acknowledgements |
| CVE-2024-0727 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-0553
MITRE NVD Issuing CNA: secalert@redhat.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-0553 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | gnutls (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
3.8.3-1 | Unknown | None |
| Azure Linux 3.0 x64 | gnutls (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
3.8.3-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-0553 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-0567
MITRE NVD Issuing CNA: secalert@redhat.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    01/19/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-0567 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | gnutls (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.8.3-1 | Unknown | None |
| Azure Linux 3.0 x64 | gnutls (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.8.3-1 | Unknown | None |
| CBL Mariner 2.0 ARM | gnutls (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.7.7-4 | Unknown | None |
| CBL Mariner 2.0 x64 | gnutls (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.7.7-4 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-0567 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-0690
MITRE NVD Issuing CNA: secalert@redhat.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5.5/TemporalScore:5.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    02/07/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-0690 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | ansible (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
2.17.0-1 | Unknown | None |
| Azure Linux 3.0 x64 | ansible (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
2.17.0-1 | Unknown | None |
| CBL Mariner 2.0 ARM | ansible (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
2.14.12-2 | Unknown | None |
| CBL Mariner 2.0 x64 | ansible (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
2.14.12-2 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-0690 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-6915
MITRE NVD Issuing CNA: secalert@redhat.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5.5/TemporalScore:5.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    01/23/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-6915 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
6.6.29.1-4 | Unknown | None |
| Azure Linux 3.0 x64 | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
6.6.29.1-4 | Unknown | None |
| CBL Mariner 2.0 ARM | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
5.15.148.2-2 | Unknown | None |
| CBL Mariner 2.0 x64 | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
5.15.148.2-2 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-6915 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-6932
MITRE NVD Issuing CNA: security@google.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7/TemporalScore:7
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    12/29/2023     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-6932 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |
6.6.29.1-4 | Unknown | None |
| Azure Linux 3.0 x64 | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |
6.6.29.1-4 | Unknown | None |
| CBL Mariner 2.0 ARM | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |
5.15.143.1-1 | Unknown | None |
| CBL Mariner 2.0 x64 | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |
5.15.143.1-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-6932 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-21891
MITRE NVD Issuing CNA: support@hackerone.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.9/TemporalScore:7.9
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-21891 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | nodejs (CBL-Mariner) | Unknown | Unknown | None | Base: 7.9 Temporal: 7.9 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N |
20.14.0-1 | Unknown | None |
| Azure Linux 3.0 x64 | nodejs (CBL-Mariner) | Unknown | Unknown | None | Base: 7.9 Temporal: 7.9 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N |
20.14.0-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-21891 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-21896
MITRE NVD Issuing CNA: support@hackerone.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.9/TemporalScore:7.9
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-21896 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | nodejs (CBL-Mariner) | Unknown | Unknown | None | Base: 7.9 Temporal: 7.9 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N |
20.14.0-1 | Unknown | None |
| Azure Linux 3.0 x64 | nodejs (CBL-Mariner) | Unknown | Unknown | None | Base: 7.9 Temporal: 7.9 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N |
20.14.0-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-21896 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-21890
MITRE NVD Issuing CNA: support@hackerone.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5/TemporalScore:5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-21890 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | nodejs (CBL-Mariner) | Unknown | Unknown | None | Base: 5 Temporal: 5 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
20.14.0-1 | Unknown | None |
| Azure Linux 3.0 x64 | nodejs (CBL-Mariner) | Unknown | Unknown | None | Base: 5 Temporal: 5 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
20.14.0-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-21890 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-21646
MITRE NVD Issuing CNA: security-advisories@github.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:9.8/TemporalScore:9.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    01/16/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-21646 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | azure-iot-sdk-c (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
2024.03.04-1 | Unknown | None |
| Azure Linux 3.0 x64 | azure-iot-sdk-c (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
2024.03.04-1 | Unknown | None |
| CBL Mariner 2.0 ARM | azure-iot-sdk-c (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
2022.01.21-2 | Unknown | None |
| CBL Mariner 2.0 x64 | azure-iot-sdk-c (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
2022.01.21-2 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-21646 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2024-25580
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: None Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-25580 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | qtbase (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
6.6.2-1 | Unknown | None |
| Azure Linux 3.0 x64 | qtbase (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
6.6.2-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-25580 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-26898
MITRE NVD Issuing CNA: 416baaa9-dc9f-4396-8d5f-8c081fb06d67 |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:7.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-26898 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
6.6.29.1-3 | Unknown | None |
| Azure Linux 3.0 x64 | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
6.6.29.1-3 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-26898 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-26883
MITRE NVD Issuing CNA: 416baaa9-dc9f-4396-8d5f-8c081fb06d67 |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:7.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-26883 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
6.6.29.1-3 | Unknown | None |
| Azure Linux 3.0 x64 | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
6.6.29.1-3 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-26883 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-26884
MITRE NVD Issuing CNA: 416baaa9-dc9f-4396-8d5f-8c081fb06d67 |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:7.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-26884 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
6.6.29.1-3 | Unknown | None |
| Azure Linux 3.0 x64 | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
6.6.29.1-3 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-26884 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-26882
MITRE NVD Issuing CNA: 416baaa9-dc9f-4396-8d5f-8c081fb06d67 |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:7.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-26882 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
6.6.29.1-3 | Unknown | None |
| Azure Linux 3.0 x64 | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
6.6.29.1-3 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-26882 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-26885
MITRE NVD Issuing CNA: 416baaa9-dc9f-4396-8d5f-8c081fb06d67 |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:7.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-26885 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
6.6.29.1-3 | Unknown | None |
| Azure Linux 3.0 x64 | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
6.6.29.1-3 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-26885 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-26881
MITRE NVD Issuing CNA: 416baaa9-dc9f-4396-8d5f-8c081fb06d67 |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5.5/TemporalScore:5.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-26881 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
6.6.29.1-3 | Unknown | None |
| Azure Linux 3.0 x64 | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
6.6.29.1-3 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-26881 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-26907
MITRE NVD Issuing CNA: 416baaa9-dc9f-4396-8d5f-8c081fb06d67 |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:7.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-26907 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
6.6.29.1-3 | Unknown | None |
| Azure Linux 3.0 x64 | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
6.6.29.1-3 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-26907 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2024-26908
MITRE NVD Issuing CNA: 416baaa9-dc9f-4396-8d5f-8c081fb06d67 |
CVE Title: Unknown
CVSS: None Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-26908 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
6.6.29.1-4 | Unknown | None |
| Azure Linux 3.0 x64 | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
6.6.29.1-4 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-26908 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-26909
MITRE NVD Issuing CNA: 416baaa9-dc9f-4396-8d5f-8c081fb06d67 |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5.5/TemporalScore:5.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-26909 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
6.6.29.1-3 | Unknown | None |
| Azure Linux 3.0 x64 | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
6.6.29.1-3 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-26909 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-27308
MITRE NVD Issuing CNA: security-advisories@github.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    03/11/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-27308 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | rpm-ostree (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |
2024.4-1 | Unknown | None |
| Azure Linux 3.0 x64 | rpm-ostree (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |
2024.4-1 | Unknown | None |
| CBL Mariner 2.0 ARM | kata-containers (CBL-Mariner) kata-containers-cc (CBL-Mariner) |
Unknown | Unknown | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |
3.2.0.azl2-1 | None | ||
| CBL Mariner 2.0 x64 | kata-containers (CBL-Mariner) kata-containers-cc (CBL-Mariner) |
Unknown | Unknown | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |
3.2.0.azl2-1 | None | ||
| CVE ID | Acknowledgements |
| CVE-2024-27308 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2024-27391
MITRE NVD Issuing CNA: 416baaa9-dc9f-4396-8d5f-8c081fb06d67 |
CVE Title: Unknown
CVSS: None Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-27391 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | hyperv-daemons (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
6.6.29.1-1 | Unknown | None |
| Azure Linux 3.0 x64 | hyperv-daemons (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
6.6.29.1-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-27391 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-2757
MITRE NVD Issuing CNA: security@php.net |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-2757 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | php (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
8.3.6-1 | Unknown | None |
| Azure Linux 3.0 x64 | php (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
8.3.6-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-2757 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-28182
MITRE NVD Issuing CNA: security-advisories@github.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5.3/TemporalScore:5.3
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-28182 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | nodejs (CBL-Mariner) | Unknown | Unknown | None | Base: 5.3 Temporal: 5.3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
20.14.0-1 | Unknown | None |
| Azure Linux 3.0 x64 | nodejs (CBL-Mariner) | Unknown | Unknown | None | Base: 5.3 Temporal: 5.3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
20.14.0-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-28182 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-28863
MITRE NVD Issuing CNA: security-advisories@github.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:6.5/TemporalScore:6.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-28863 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | nodejs (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
20.14.0-1 | Unknown | None |
| Azure Linux 3.0 x64 | nodejs (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
20.14.0-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-28863 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2024-29157
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: None Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    05/14/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-29157 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4.3-1 | Unknown | None |
| Azure Linux 3.0 x64 | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4.3-1 | Unknown | None |
| CBL Mariner 2.0 ARM | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4-1 | Unknown | None |
| CBL Mariner 2.0 x64 | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-29157 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2024-28757
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: None Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-28757 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | expat (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
2.6.2-1 | Unknown | None |
| Azure Linux 3.0 x64 | expat (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
2.6.2-1 | Unknown | None |
| CBL Mariner 2.0 ARM | expat (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
2.6.2-2 | Unknown | None |
| CBL Mariner 2.0 x64 | expat (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
2.6.2-2 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-28757 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2024-29161
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: None Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-29161 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4.3-1 | Unknown | None |
| Azure Linux 3.0 x64 | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4.3-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-29161 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2024-29163
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: None Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    05/14/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-29163 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4.3-1 | Unknown | None |
| Azure Linux 3.0 x64 | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4.3-1 | Unknown | None |
| CBL Mariner 2.0 ARM | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4-1 | Unknown | None |
| CBL Mariner 2.0 x64 | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-29163 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2024-29164
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: None Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    05/14/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-29164 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4.3-1 | Unknown | None |
| Azure Linux 3.0 x64 | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4.3-1 | Unknown | None |
| CBL Mariner 2.0 ARM | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4-1 | Unknown | None |
| CBL Mariner 2.0 x64 | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-29164 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2024-29162
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: None Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    05/14/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-29162 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4.3-1 | Unknown | None |
| Azure Linux 3.0 x64 | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4.3-1 | Unknown | None |
| CBL Mariner 2.0 ARM | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4-1 | Unknown | None |
| CBL Mariner 2.0 x64 | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-29162 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2024-30202
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: None Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-30202 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | emacs (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
29.3-1 | Unknown | None |
| Azure Linux 3.0 x64 | emacs (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
29.3-1 | Unknown | None |
| CBL Mariner 2.0 ARM | emacs (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
29.3-1 | Unknown | None |
| CBL Mariner 2.0 x64 | emacs (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
29.3-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-30202 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2024-30203
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: None Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-30203 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | emacs (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
29.3-1 | Unknown | None |
| Azure Linux 3.0 x64 | emacs (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
29.3-1 | Unknown | None |
| CBL Mariner 2.0 ARM | emacs (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
29.3-1 | Unknown | None |
| CBL Mariner 2.0 x64 | emacs (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
29.3-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-30203 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2024-32487
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: None Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    04/22/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-32487 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | less (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
643-2 | Unknown | None |
| Azure Linux 3.0 x64 | less (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
643-2 | Unknown | None |
| CBL Mariner 2.0 ARM | less (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
590-4 | Unknown | None |
| CBL Mariner 2.0 x64 | less (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
590-4 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-32487 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2024-32607
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: None Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    05/14/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-32607 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4.3-1 | Unknown | None |
| Azure Linux 3.0 x64 | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4.3-1 | Unknown | None |
| CBL Mariner 2.0 ARM | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4-1 | Unknown | None |
| CBL Mariner 2.0 x64 | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-32607 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2024-32605
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: None Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    05/14/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-32605 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4.3-1 | Unknown | None |
| Azure Linux 3.0 x64 | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4.3-1 | Unknown | None |
| CBL Mariner 2.0 ARM | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4-1 | Unknown | None |
| CBL Mariner 2.0 x64 | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-32605 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2024-32615
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: None Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    05/14/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-32615 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4.3-1 | Unknown | None |
| Azure Linux 3.0 x64 | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4.3-1 | Unknown | None |
| CBL Mariner 2.0 ARM | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4-1 | Unknown | None |
| CBL Mariner 2.0 x64 | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-32615 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2024-32618
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: None Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    05/14/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-32618 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4.3-1 | Unknown | None |
| Azure Linux 3.0 x64 | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4.3-1 | Unknown | None |
| CBL Mariner 2.0 ARM | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4-1 | Unknown | None |
| CBL Mariner 2.0 x64 | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-32618 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2024-32620
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: None Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    05/14/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-32620 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4.3-1 | Unknown | None |
| Azure Linux 3.0 x64 | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4.3-1 | Unknown | None |
| CBL Mariner 2.0 ARM | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4-1 | Unknown | None |
| CBL Mariner 2.0 x64 | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-32620 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2024-32619
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: None Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    05/14/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-32619 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4.3-1 | Unknown | None |
| Azure Linux 3.0 x64 | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4.3-1 | Unknown | None |
| CBL Mariner 2.0 ARM | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4-1 | Unknown | None |
| CBL Mariner 2.0 x64 | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-32619 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2024-32616
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: None Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    05/14/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-32616 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4.3-1 | Unknown | None |
| Azure Linux 3.0 x64 | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4.3-1 | Unknown | None |
| CBL Mariner 2.0 ARM | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4-1 | Unknown | None |
| CBL Mariner 2.0 x64 | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-32616 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2024-32622
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: None Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    05/14/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-32622 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4.3-1 | Unknown | None |
| Azure Linux 3.0 x64 | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4.3-1 | Unknown | None |
| CBL Mariner 2.0 ARM | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4-1 | Unknown | None |
| CBL Mariner 2.0 x64 | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-32622 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2024-32621
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: None Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    05/14/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-32621 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4.3-1 | Unknown | None |
| Azure Linux 3.0 x64 | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4.3-1 | Unknown | None |
| CBL Mariner 2.0 ARM | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4-1 | Unknown | None |
| CBL Mariner 2.0 x64 | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-32621 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2024-32623
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: None Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    05/14/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-32623 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4.3-1 | Unknown | None |
| Azure Linux 3.0 x64 | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4.3-1 | Unknown | None |
| CBL Mariner 2.0 ARM | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4-1 | Unknown | None |
| CBL Mariner 2.0 x64 | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-32623 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2024-33875
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: None Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    05/14/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-33875 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4.3-1 | Unknown | None |
| Azure Linux 3.0 x64 | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4.3-1 | Unknown | None |
| CBL Mariner 2.0 ARM | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4-1 | Unknown | None |
| CBL Mariner 2.0 x64 | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-33875 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2024-33873
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: None Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-33873 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4.3-1 | Unknown | None |
| Azure Linux 3.0 x64 | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4.3-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-33873 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2024-33877
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: None Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    05/14/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-33877 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4.3-1 | Unknown | None |
| Azure Linux 3.0 x64 | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4.3-1 | Unknown | None |
| CBL Mariner 2.0 ARM | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4-1 | Unknown | None |
| CBL Mariner 2.0 x64 | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-33877 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2024-33874
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: None Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    05/14/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-33874 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4.3-1 | Unknown | None |
| Azure Linux 3.0 x64 | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4.3-1 | Unknown | None |
| CBL Mariner 2.0 ARM | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4-1 | Unknown | None |
| CBL Mariner 2.0 x64 | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-33874 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2024-33876
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: None Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    05/14/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-33876 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4.3-1 | Unknown | None |
| Azure Linux 3.0 x64 | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4.3-1 | Unknown | None |
| CBL Mariner 2.0 ARM | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4-1 | Unknown | None |
| CBL Mariner 2.0 x64 | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-33876 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-4323
MITRE NVD Issuing CNA: vulnreport@tenable.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:9.8/TemporalScore:9.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    05/23/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-4323 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | fluent-bit (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.0.6-1 | Unknown | None |
| Azure Linux 3.0 x64 | fluent-bit (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.0.6-1 | Unknown | None |
| CBL Mariner 2.0 ARM | fluent-bit (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
2.2.3-1 | Unknown | None |
| CBL Mariner 2.0 x64 | fluent-bit (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
2.2.3-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-4323 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-3727
MITRE NVD Issuing CNA: secalert@redhat.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:8.3/TemporalScore:8.3
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-3727 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | containerized-data-importer (CBL-Mariner) ig (CBL-Mariner) |
Unknown | Unknown | Base: 8.3 Temporal: 8.3 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H |
1.57.0-2 0.29.0-1 |
None | ||
| Azure Linux 3.0 x64 | containerized-data-importer (CBL-Mariner) ig (CBL-Mariner) |
Unknown | Unknown | Base: 8.3 Temporal: 8.3 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H |
1.57.0-2 0.29.0-1 |
None | ||
| CVE ID | Acknowledgements |
| CVE-2024-3727 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2024-4603
MITRE NVD Issuing CNA: openssl-security@openssl.org |
CVE Title: Unknown
CVSS: None Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    05/19/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-4603 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | nodejs (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
20.14.0-1 | Unknown | None |
| Azure Linux 3.0 x64 | nodejs (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
20.14.0-1 | Unknown | None |
| CBL Mariner 2.0 ARM | nodejs18 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
18.20.2-1 | Unknown | None |
| CBL Mariner 2.0 x64 | nodejs18 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
18.20.2-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-4603 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2019-17362
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:9.1/TemporalScore:9.1
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    01/19/2022     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2019-17362 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | libtomcrypt (CBL-Mariner) | Unknown | Unknown | None | Base: 9.1 Temporal: 9.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H |
1.18.2-9 | Unknown | None |
| Azure Linux 3.0 x64 | libtomcrypt (CBL-Mariner) | Unknown | Unknown | None | Base: 9.1 Temporal: 9.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H |
1.18.2-9 | Unknown | None |
| CBL Mariner 2.0 ARM | libtomcrypt (CBL-Mariner) | Unknown | Unknown | None | Base: 9.1 Temporal: 9.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H |
1.18.2-9 | Unknown | None |
| CBL Mariner 2.0 x64 | libtomcrypt (CBL-Mariner) | Unknown | Unknown | None | Base: 9.1 Temporal: 9.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H |
1.18.2-9 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2019-17362 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2014-3618
MITRE NVD Issuing CNA: secalert@redhat.com |
CVE Title: Unknown
CVSS: None Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    12/16/2021     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2014-3618 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | procmail (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
3.22-53 | Unknown | None |
| Azure Linux 3.0 x64 | procmail (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
3.22-53 | Unknown | None |
| CBL Mariner 2.0 ARM | procmail (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
3.22-53 | Unknown | None |
| CBL Mariner 2.0 x64 | procmail (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
3.22-53 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2014-3618 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2022-2990
MITRE NVD Issuing CNA: secalert@redhat.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.1/TemporalScore:7.1
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    09/17/2022     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2022-2990 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | buildah (CBL-Mariner) | Unknown | Unknown | None | Base: 7.1 Temporal: 7.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N |
1.18.0-24 | Unknown | None |
| Azure Linux 3.0 x64 | buildah (CBL-Mariner) | Unknown | Unknown | None | Base: 7.1 Temporal: 7.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N |
1.18.0-24 | Unknown | None |
| CBL Mariner 2.0 ARM | buildah (CBL-Mariner) | Unknown | Unknown | None | Base: 7.1 Temporal: 7.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N |
1.18.0-17 | Unknown | None |
| CBL Mariner 2.0 x64 | buildah (CBL-Mariner) | Unknown | Unknown | None | Base: 7.1 Temporal: 7.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N |
1.18.0-17 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2022-2990 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2016-7567
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:9.8/TemporalScore:9.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    01/19/2022     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2016-7567 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | openslp (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
2.0.0-26 | Unknown | None |
| Azure Linux 3.0 x64 | openslp (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
2.0.0-26 | Unknown | None |
| CBL Mariner 2.0 ARM | openslp (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
2.0.0-26 | Unknown | None |
| CBL Mariner 2.0 x64 | openslp (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
2.0.0-26 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2016-7567 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2008-3908
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: None Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    12/16/2021     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2008-3908 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | wordnet (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
3.0-43 | Unknown | None |
| Azure Linux 3.0 x64 | wordnet (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
3.0-43 | Unknown | None |
| CBL Mariner 2.0 ARM | wordnet (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
3.0-38 | Unknown | None |
| CBL Mariner 2.0 x64 | wordnet (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
3.0-38 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2008-3908 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2004-2771
MITRE NVD Issuing CNA: secalert@redhat.com |
CVE Title: Unknown
CVSS: None Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    12/16/2021     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2004-2771 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | mailx (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
12.5-36 | Unknown | None |
| Azure Linux 3.0 x64 | mailx (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
12.5-36 | Unknown | None |
| CBL Mariner 2.0 ARM | mailx (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
12.5-34 | Unknown | None |
| CBL Mariner 2.0 x64 | mailx (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
12.5-34 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2004-2771 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2019-19977
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:9.8/TemporalScore:9.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    01/19/2022     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2019-19977 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | libesmtp (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
1.0.6-21 | Unknown | None |
| Azure Linux 3.0 x64 | libesmtp (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
1.0.6-21 | Unknown | None |
| CBL Mariner 2.0 ARM | libesmtp (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
1.0.6-21 | Unknown | None |
| CBL Mariner 2.0 x64 | libesmtp (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
1.0.6-21 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2019-19977 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2008-2149
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: None Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    12/16/2021     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2008-2149 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | wordnet (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
3.0-43 | Unknown | None |
| Azure Linux 3.0 x64 | wordnet (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
3.0-43 | Unknown | None |
| CBL Mariner 2.0 ARM | wordnet (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
3.0-38 | Unknown | None |
| CBL Mariner 2.0 x64 | wordnet (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
3.0-38 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2008-2149 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-27304
MITRE NVD Issuing CNA: security-advisories@github.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:9.8/TemporalScore:9.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-27304 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | telegraf (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
1.31.0-1 | Unknown | None |
| Azure Linux 3.0 x64 | telegraf (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
1.31.0-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-27304 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-0901
MITRE NVD Issuing CNA: facts@wolfssl.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-0901 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | mariadb (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:H |
10.11.6-3 | Unknown | None |
| Azure Linux 3.0 x64 | mariadb (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:H |
10.11.6-3 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-0901 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-6779
MITRE NVD Issuing CNA: secalert@redhat.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-6779 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | glibc (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
2.38-6 | Unknown | None |
| Azure Linux 3.0 x64 | glibc (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
2.38-6 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-6779 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-6246
MITRE NVD Issuing CNA: secalert@redhat.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:7.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-6246 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | glibc (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
2.38-6 | Unknown | None |
| Azure Linux 3.0 x64 | glibc (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
2.38-6 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-6246 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2021-4238
MITRE NVD Issuing CNA: security@golang.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:9.1/TemporalScore:9.1
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2021-4238 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | influxdb (CBL-Mariner) | Unknown | Unknown | None | Base: 9.1 Temporal: 9.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H |
2.7.3-3 | Unknown | None |
| Azure Linux 3.0 x64 | influxdb (CBL-Mariner) | Unknown | Unknown | None | Base: 9.1 Temporal: 9.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H |
2.7.3-3 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2021-4238 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-36023
MITRE NVD Issuing CNA: cve@kernel.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5.5/TemporalScore:5.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/11/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-36023 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| CBL Mariner 2.0 ARM | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
5.15.158.2-1 | Unknown | None |
| CBL Mariner 2.0 x64 | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
5.15.158.2-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-36023 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-36902
MITRE NVD Issuing CNA: cve@kernel.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5.5/TemporalScore:5.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/11/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-36902 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| CBL Mariner 2.0 ARM | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
5.15.158.2-1 | Unknown | None |
| CBL Mariner 2.0 x64 | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
5.15.158.2-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-36902 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-36971
MITRE NVD Issuing CNA: cve@kernel.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:7.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/13/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-36971 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| CBL Mariner 2.0 ARM | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
5.15.158.2-1 | Unknown | None |
| CBL Mariner 2.0 x64 | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
5.15.158.2-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-36971 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-3966
MITRE NVD Issuing CNA: secalert@redhat.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    02/22/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-3966 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | openvswitch (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.3.0-1 | Unknown | None |
| Azure Linux 3.0 x64 | openvswitch (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.3.0-1 | Unknown | None |
| CBL Mariner 2.0 ARM | openvswitch (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
2.17.9-1 | Unknown | None |
| CBL Mariner 2.0 x64 | openvswitch (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
2.17.9-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-3966 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-7250
MITRE NVD Issuing CNA: secalert@redhat.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5.3/TemporalScore:5.3
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    03/25/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-7250 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| CBL Mariner 2.0 ARM | iperf3 (CBL-Mariner) | Unknown | Unknown | None | Base: 5.3 Temporal: 5.3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
3.17-1 | Unknown | None |
| CBL Mariner 2.0 x64 | iperf3 (CBL-Mariner) | Unknown | Unknown | None | Base: 5.3 Temporal: 5.3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
3.17-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-7250 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-6597
MITRE NVD Issuing CNA: cna@python.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:7.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-6597 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| CBL Mariner 2.0 ARM | python3 (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N |
3.9.19-1 | Unknown | None |
| CBL Mariner 2.0 x64 | python3 (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N |
3.9.19-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-6597 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-1874
MITRE NVD Issuing CNA: security@php.net |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:9.4/TemporalScore:9.4
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    04/29/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-1874 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | php (CBL-Mariner) | Unknown | Unknown | None | Base: 9.4 Temporal: 9.4 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L |
8.3.8-1 | Unknown | None |
| Azure Linux 3.0 x64 | php (CBL-Mariner) | Unknown | Unknown | None | Base: 9.4 Temporal: 9.4 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L |
8.3.8-1 | Unknown | None |
| CBL Mariner 2.0 ARM | php (CBL-Mariner) | Unknown | Unknown | None | Base: 9.4 Temporal: 9.4 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L |
8.1.28-1 | Unknown | None |
| CBL Mariner 2.0 x64 | php (CBL-Mariner) | Unknown | Unknown | None | Base: 9.4 Temporal: 9.4 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L |
8.1.28-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-1874 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-2002
MITRE NVD Issuing CNA: secalert@redhat.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    03/19/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-2002 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| CBL Mariner 2.0 ARM | libdwarf (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
0.9.0-3 | Unknown | None |
| CBL Mariner 2.0 x64 | libdwarf (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
0.9.0-3 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-2002 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-20328
MITRE NVD Issuing CNA: ykramarz@cisco.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5.3/TemporalScore:5.3
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-20328 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | clamav (CBL-Mariner) | Unknown | Unknown | None | Base: 5.3 Temporal: 5.3 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L |
1.0.6-1 | Unknown | None |
| Azure Linux 3.0 x64 | clamav (CBL-Mariner) | Unknown | Unknown | None | Base: 5.3 Temporal: 5.3 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L |
1.0.6-1 | Unknown | None |
| CBL Mariner 2.0 ARM | clamav (CBL-Mariner) | Unknown | Unknown | None | Base: 5.3 Temporal: 5.3 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L |
0.105.2-5 | Unknown | None |
| CBL Mariner 2.0 x64 | clamav (CBL-Mariner) | Unknown | Unknown | None | Base: 5.3 Temporal: 5.3 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L |
0.105.2-5 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-20328 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-22025
MITRE NVD Issuing CNA: support@hackerone.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:6.5/TemporalScore:6.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-22025 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | nodejs (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
20.14.0-1 | Unknown | None |
| Azure Linux 3.0 x64 | nodejs (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
20.14.0-1 | Unknown | None |
| CBL Mariner 2.0 ARM | nodejs (CBL-Mariner) nodejs18 (CBL-Mariner) |
Unknown | Unknown | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
16.20.2-4 18.18.2-5 |
None | ||
| CBL Mariner 2.0 x64 | nodejs (CBL-Mariner) nodejs18 (CBL-Mariner) |
Unknown | Unknown | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
16.20.2-4 18.18.2-5 |
None | ||
| CVE ID | Acknowledgements |
| CVE-2024-22025 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-22189
MITRE NVD Issuing CNA: security-advisories@github.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    04/15/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-22189 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| CBL Mariner 2.0 ARM | coredns (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
1.11.1-6 | Unknown | None |
| CBL Mariner 2.0 x64 | coredns (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
1.11.1-6 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-22189 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-2408
MITRE NVD Issuing CNA: security@php.net |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5.9/TemporalScore:5.9
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-2408 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | php (CBL-Mariner) | Unknown | Unknown | None | Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N |
8.3.8-1 | Unknown | None |
| Azure Linux 3.0 x64 | php (CBL-Mariner) | Unknown | Unknown | None | Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N |
8.3.8-1 | Unknown | None |
| CBL Mariner 2.0 ARM | php (CBL-Mariner) | Unknown | Unknown | None | Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N |
8.1.29-1 | Unknown | None |
| CBL Mariner 2.0 x64 | php (CBL-Mariner) | Unknown | Unknown | None | Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N |
8.1.29-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-2408 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-2494
MITRE NVD Issuing CNA: secalert@redhat.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:6.2/TemporalScore:6.2
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    04/01/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-2494 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| CBL Mariner 2.0 ARM | libvirt (CBL-Mariner) | Unknown | Unknown | None | Base: 6.2 Temporal: 6.2 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
7.10.0-9 | Unknown | None |
| CBL Mariner 2.0 x64 | libvirt (CBL-Mariner) | Unknown | Unknown | None | Base: 6.2 Temporal: 6.2 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
7.10.0-9 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-2494 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-25110
MITRE NVD Issuing CNA: security-advisories@github.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:9.8/TemporalScore:9.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-25110 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | azure-iot-sdk-c (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
2024.03.04-1 | Unknown | None |
| Azure Linux 3.0 x64 | azure-iot-sdk-c (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
2024.03.04-1 | Unknown | None |
| CBL Mariner 2.0 ARM | azure-iot-sdk-c (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
2022.01.21-3 | Unknown | None |
| CBL Mariner 2.0 x64 | azure-iot-sdk-c (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
2022.01.21-3 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-25110 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-25629
MITRE NVD Issuing CNA: security-advisories@github.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:4.4/TemporalScore:4.4
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    02/26/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-25629 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | nodejs (CBL-Mariner) | Unknown | Unknown | None | Base: 4.4 Temporal: 4.4 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H |
20.14.0-1 | Unknown | None |
| Azure Linux 3.0 x64 | nodejs (CBL-Mariner) | Unknown | Unknown | None | Base: 4.4 Temporal: 4.4 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H |
20.14.0-1 | Unknown | None |
| CBL Mariner 2.0 ARM | nodejs18 (CBL-Mariner) | Unknown | Unknown | None | Base: 4.4 Temporal: 4.4 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H |
18.20.2-1 | Unknown | None |
| CBL Mariner 2.0 x64 | nodejs18 (CBL-Mariner) | Unknown | Unknown | None | Base: 4.4 Temporal: 4.4 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H |
18.20.2-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-25629 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-26147
MITRE NVD Issuing CNA: security-advisories@github.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    02/26/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-26147 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | helm (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.13.2-3 | Unknown | None |
| Azure Linux 3.0 x64 | helm (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.13.2-3 | Unknown | None |
| CBL Mariner 2.0 ARM | cert-manager (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
1.11.2-10 | Unknown | None |
| CBL Mariner 2.0 x64 | cert-manager (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
1.11.2-10 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-26147 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-27099
MITRE NVD Issuing CNA: security-advisories@github.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:9.8/TemporalScore:9.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-27099 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | azure-iot-sdk-c (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
2024.03.04-1 | Unknown | None |
| Azure Linux 3.0 x64 | azure-iot-sdk-c (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
2024.03.04-1 | Unknown | None |
| CBL Mariner 2.0 ARM | azure-iot-sdk-c (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
2022.01.21-3 | Unknown | None |
| CBL Mariner 2.0 x64 | azure-iot-sdk-c (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
2022.01.21-3 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-27099 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-27982
MITRE NVD Issuing CNA: support@hackerone.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:6.5/TemporalScore:6.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    05/08/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-27982 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | nodejs (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L |
20.14.0-1 | Unknown | None |
| Azure Linux 3.0 x64 | nodejs (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L |
20.14.0-1 | Unknown | None |
| CBL Mariner 2.0 ARM | nodejs18 (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L |
18.20.2-1 | Unknown | None |
| CBL Mariner 2.0 x64 | nodejs18 (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L |
18.20.2-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-27982 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-27983
MITRE NVD Issuing CNA: support@hackerone.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:8.2/TemporalScore:8.2
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    04/09/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-27983 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | nodejs (CBL-Mariner) | Unknown | Unknown | None | Base: 8.2 Temporal: 8.2 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H |
20.14.0-1 | Unknown | None |
| Azure Linux 3.0 x64 | nodejs (CBL-Mariner) | Unknown | Unknown | None | Base: 8.2 Temporal: 8.2 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H |
20.14.0-1 | Unknown | None |
| CBL Mariner 2.0 ARM | nodejs18 (CBL-Mariner) | Unknown | Unknown | None | Base: 8.2 Temporal: 8.2 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H |
18.18.2-7 | Unknown | None |
| CBL Mariner 2.0 x64 | nodejs18 (CBL-Mariner) | Unknown | Unknown | None | Base: 8.2 Temporal: 8.2 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H |
18.18.2-7 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-27983 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-28110
MITRE NVD Issuing CNA: security-advisories@github.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-28110 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | telegraf (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
1.31.0-1 | Unknown | None |
| Azure Linux 3.0 x64 | telegraf (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
1.31.0-1 | Unknown | None |
| CBL Mariner 2.0 ARM | telegraf (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
1.28.5-5 | Unknown | None |
| CBL Mariner 2.0 x64 | telegraf (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
1.28.5-5 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-28110 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-28180
MITRE NVD Issuing CNA: security-advisories@github.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:4.3/TemporalScore:4.3
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    04/11/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-28180 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | keda (CBL-Mariner) telegraf (CBL-Mariner) |
Unknown | Unknown | Base: 4.3 Temporal: 4.3 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L |
2.14.0-1 1.31.0-1 |
None | ||
| Azure Linux 3.0 x64 | keda (CBL-Mariner) telegraf (CBL-Mariner) |
Unknown | Unknown | Base: 4.3 Temporal: 4.3 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L |
2.14.0-1 1.31.0-1 |
None | ||
| CBL Mariner 2.0 ARM | cri-o (CBL-Mariner) | Unknown | Unknown | None | Base: 4.3 Temporal: 4.3 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L |
1.21.7-2 | Unknown | None |
| CBL Mariner 2.0 x64 | cri-o (CBL-Mariner) | Unknown | Unknown | None | Base: 4.3 Temporal: 4.3 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L |
1.21.7-2 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-28180 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-3154
MITRE NVD Issuing CNA: secalert@redhat.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.2/TemporalScore:7.2
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    05/31/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-3154 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| CBL Mariner 2.0 ARM | cri-o (CBL-Mariner) | Unknown | Unknown | None | Base: 7.2 Temporal: 7.2 Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
1.22.3-2 | Unknown | None |
| CBL Mariner 2.0 x64 | cri-o (CBL-Mariner) | Unknown | Unknown | None | Base: 7.2 Temporal: 7.2 Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
1.22.3-2 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-3154 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-32020
MITRE NVD Issuing CNA: security-advisories@github.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:3.9/TemporalScore:3.9
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    05/17/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-32020 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| CBL Mariner 2.0 ARM | git (CBL-Mariner) | Unknown | Unknown | None | Base: 3.9 Temporal: 3.9 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L |
2.39.4-1 | Unknown | None |
| CBL Mariner 2.0 x64 | git (CBL-Mariner) | Unknown | Unknown | None | Base: 3.9 Temporal: 3.9 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L |
2.39.4-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-32020 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-32021
MITRE NVD Issuing CNA: security-advisories@github.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:3.9/TemporalScore:3.9
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    05/17/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-32021 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| CBL Mariner 2.0 ARM | git (CBL-Mariner) | Unknown | Unknown | None | Base: 3.9 Temporal: 3.9 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L |
2.39.4-1 | Unknown | None |
| CBL Mariner 2.0 x64 | git (CBL-Mariner) | Unknown | Unknown | None | Base: 3.9 Temporal: 3.9 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L |
2.39.4-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-32021 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-32465
MITRE NVD Issuing CNA: security-advisories@github.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.3/TemporalScore:7.3
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    05/17/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-32465 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| CBL Mariner 2.0 ARM | git (CBL-Mariner) | Unknown | Unknown | None | Base: 7.3 Temporal: 7.3 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H |
2.39.4-1 | Unknown | None |
| CBL Mariner 2.0 x64 | git (CBL-Mariner) | Unknown | Unknown | None | Base: 7.3 Temporal: 7.3 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H |
2.39.4-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-32465 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-34064
MITRE NVD Issuing CNA: security-advisories@github.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5.4/TemporalScore:5.4
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    05/13/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-34064 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| CBL Mariner 2.0 ARM | python-jinja2 (CBL-Mariner) | Unknown | Unknown | None | Base: 5.4 Temporal: 5.4 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N |
3.0.3-4 | Unknown | None |
| CBL Mariner 2.0 x64 | python-jinja2 (CBL-Mariner) | Unknown | Unknown | None | Base: 5.4 Temporal: 5.4 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N |
3.0.3-4 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-34064 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-34062
MITRE NVD Issuing CNA: security-advisories@github.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:4.8/TemporalScore:4.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    05/07/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-34062 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| CBL Mariner 2.0 ARM | python-tqdm (CBL-Mariner) | Unknown | Unknown | None | Base: 4.8 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L |
4.63.1-3 | Unknown | None |
| CBL Mariner 2.0 x64 | python-tqdm (CBL-Mariner) | Unknown | Unknown | None | Base: 4.8 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L |
4.63.1-3 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-34062 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-5564
MITRE NVD Issuing CNA: secalert@redhat.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:8.1/TemporalScore:8.1
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-5564 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | libndp (CBL-Mariner) | Unknown | Unknown | None | Base: 8.1 Temporal: 8.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
1.8-2 | Unknown | None |
| Azure Linux 3.0 x64 | libndp (CBL-Mariner) | Unknown | Unknown | None | Base: 8.1 Temporal: 8.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
1.8-2 | Unknown | None |
| CBL Mariner 2.0 ARM | libndp (CBL-Mariner) | Unknown | Unknown | None | Base: 8.1 Temporal: 8.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
1.8-2 | Unknown | None |
| CBL Mariner 2.0 x64 | libndp (CBL-Mariner) | Unknown | Unknown | None | Base: 8.1 Temporal: 8.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
1.8-2 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-5564 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-3817
MITRE NVD Issuing CNA: security@hashicorp.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:9.8/TemporalScore:9.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    04/22/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-3817 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| CBL Mariner 2.0 ARM | terraform (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
1.3.2-14 | Unknown | None |
| CBL Mariner 2.0 x64 | terraform (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
1.3.2-14 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-3817 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2024-37535
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: None Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-37535 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| CBL Mariner 2.0 ARM | vte291 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
0.66.2-3 | Unknown | None |
| CBL Mariner 2.0 x64 | vte291 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
0.66.2-3 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-37535 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-5458
MITRE NVD Issuing CNA: security@php.net |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5.3/TemporalScore:5.3
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-5458 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | php (CBL-Mariner) | Unknown | Unknown | None | Base: 5.3 Temporal: 5.3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N |
8.3.8-1 | Unknown | None |
| Azure Linux 3.0 x64 | php (CBL-Mariner) | Unknown | Unknown | None | Base: 5.3 Temporal: 5.3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N |
8.3.8-1 | Unknown | None |
| CBL Mariner 2.0 ARM | php (CBL-Mariner) | Unknown | Unknown | None | Base: 5.3 Temporal: 5.3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N |
8.1.29-1 | Unknown | None |
| CBL Mariner 2.0 x64 | php (CBL-Mariner) | Unknown | Unknown | None | Base: 5.3 Temporal: 5.3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N |
8.1.29-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-5458 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-5585
MITRE NVD Issuing CNA: security@php.net |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:8.8/TemporalScore:8.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-5585 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | php (CBL-Mariner) | Unknown | Unknown | None | Base: 8.8 Temporal: 8.8 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
8.3.8-1 | Unknown | None |
| Azure Linux 3.0 x64 | php (CBL-Mariner) | Unknown | Unknown | None | Base: 8.8 Temporal: 8.8 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
8.3.8-1 | Unknown | None |
| CBL Mariner 2.0 ARM | php (CBL-Mariner) | Unknown | Unknown | None | Base: 8.8 Temporal: 8.8 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
8.1.29-1 | Unknown | None |
| CBL Mariner 2.0 x64 | php (CBL-Mariner) | Unknown | Unknown | None | Base: 8.8 Temporal: 8.8 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
8.1.29-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-5585 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2007-2768
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: None Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    09/25/2020     Information published. 2.0    12/16/2021     Added openssh to CBL-Mariner 2.0 1.0    06/30/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2007-2768 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | openssh (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
9.5p1-2 | Unknown | None |
| Azure Linux 3.0 x64 | openssh (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
9.5p1-2 | Unknown | None |
| CBL Mariner 1.0 ARM | openssh (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
8.5p1-3 | Unknown | None |
| CBL Mariner 1.0 x64 | openssh (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
8.5p1-3 | Unknown | None |
| CBL Mariner 2.0 ARM | openssh (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
8.8p1-2 | Unknown | None |
| CBL Mariner 2.0 x64 | openssh (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
8.8p1-2 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2007-2768 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2024-38428
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: None Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-38428 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| CBL Mariner 2.0 ARM | wget (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.21.2-3 | Unknown | None |
| CBL Mariner 2.0 x64 | wget (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.21.2-3 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-38428 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2008-0888
MITRE NVD Issuing CNA: secalert@redhat.com |
CVE Title: Unknown
CVSS: None Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    09/25/2020     Information published. 2.0    12/16/2021     Added unzip to CBL-Mariner 2.0 1.0    06/30/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2008-0888 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | unzip (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
6.0-20 | Unknown | None |
| Azure Linux 3.0 x64 | unzip (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
6.0-20 | Unknown | None |
| CBL Mariner 1.0 ARM | unzip (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
6.0-16 | Unknown | None |
| CBL Mariner 1.0 x64 | unzip (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
6.0-16 | Unknown | None |
| CBL Mariner 2.0 ARM | unzip (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
6.0-19 | Unknown | None |
| CBL Mariner 2.0 x64 | unzip (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
6.0-19 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2008-0888 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2012-6687
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: None Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    08/18/2020     Information published. 2.0    12/16/2021     Added fcgi to CBL-Mariner 2.0 1.0    06/30/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2012-6687 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | fcgi (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
2.4.0-7 | Unknown | None |
| Azure Linux 3.0 x64 | fcgi (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
2.4.0-7 | Unknown | None |
| CBL Mariner 1.0 ARM | fcgi (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
2.4.0-7 | Unknown | None |
| CBL Mariner 1.0 x64 | fcgi (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
2.4.0-7 | Unknown | None |
| CBL Mariner 2.0 ARM | fcgi (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
2.4.0-7 | Unknown | None |
| CBL Mariner 2.0 x64 | fcgi (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
2.4.0-7 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2012-6687 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-4068
MITRE NVD Issuing CNA: oss-report@checkmarx.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    05/17/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-4068 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| CBL Mariner 2.0 ARM | reaper (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.1.1-9 | Unknown | None |
| CBL Mariner 2.0 x64 | reaper (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.1.1-9 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-4068 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2010-2891
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: None Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    12/16/2021     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2010-2891 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | libsmi (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
0.4.8-28 | Unknown | None |
| Azure Linux 3.0 x64 | libsmi (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
0.4.8-28 | Unknown | None |
| CBL Mariner 2.0 ARM | libsmi (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
0.4.8-27 | Unknown | None |
| CBL Mariner 2.0 x64 | libsmi (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
0.4.8-27 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2010-2891 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2013-4420
MITRE NVD Issuing CNA: secalert@redhat.com |
CVE Title: Unknown
CVSS: None Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    08/18/2020     Information published. 2.0    12/16/2021     Added libtar to CBL-Mariner 2.0 1.0    06/30/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2013-4420 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | libtar (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.2.20-11 | Unknown | None |
| Azure Linux 3.0 x64 | libtar (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.2.20-11 | Unknown | None |
| CBL Mariner 1.0 ARM | libtar (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.2.20-8 | Unknown | None |
| CBL Mariner 1.0 x64 | libtar (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.2.20-8 | Unknown | None |
| CBL Mariner 2.0 ARM | libtar (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.2.20-8 | Unknown | None |
| CBL Mariner 2.0 x64 | libtar (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.2.20-8 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2013-4420 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2013-4342
MITRE NVD Issuing CNA: secalert@redhat.com |
CVE Title: Unknown
CVSS: None Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    02/20/2023     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2013-4342 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | xinetd (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
2.3.15-14 | Unknown | None |
| Azure Linux 3.0 x64 | xinetd (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
2.3.15-14 | Unknown | None |
| CBL Mariner 1.0 ARM | xinetd (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
2.3.15-13 | Unknown | None |
| CBL Mariner 1.0 x64 | xinetd (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
2.3.15-13 | Unknown | None |
| CBL Mariner 2.0 ARM | xinetd (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
2.3.15-14 | Unknown | None |
| CBL Mariner 2.0 x64 | xinetd (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
2.3.15-14 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2013-4342 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2013-6381
MITRE NVD Issuing CNA: secalert@redhat.com |
CVE Title: Unknown
CVSS: None Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    02/10/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2013-6381 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
6.6.29.1-4 | Unknown | None |
| Azure Linux 3.0 x64 | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
6.6.29.1-4 | Unknown | None |
| CBL Mariner 2.0 ARM | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
5.15.148.2-2 | Unknown | None |
| CBL Mariner 2.0 x64 | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
5.15.148.2-2 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2013-6381 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2014-0069
MITRE NVD Issuing CNA: secalert@redhat.com |
CVE Title: Unknown
CVSS: None Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    02/06/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2014-0069 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
6.6.29.1-4 | Unknown | None |
| Azure Linux 3.0 x64 | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
6.6.29.1-4 | Unknown | None |
| CBL Mariner 2.0 ARM | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
5.15.148.2-2 | Unknown | None |
| CBL Mariner 2.0 x64 | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
5.15.148.2-2 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2014-0069 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2014-3185
MITRE NVD Issuing CNA: chrome-cve-admin@google.com |
CVE Title: Unknown
CVSS: None Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    02/16/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2014-3185 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
6.6.22.1-2 | Unknown | None |
| Azure Linux 3.0 x64 | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
6.6.22.1-2 | Unknown | None |
| CBL Mariner 2.0 ARM | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
5.15.153.1-1 | Unknown | None |
| CBL Mariner 2.0 x64 | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
5.15.153.1-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2014-3185 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2014-8139
MITRE NVD Issuing CNA: secalert@redhat.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:7.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    08/18/2020     Information published. 2.0    12/16/2021     Added unzip to CBL-Mariner 2.0 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2014-8139 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | unzip (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
6.0-20 | Unknown | None |
| Azure Linux 3.0 x64 | unzip (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
6.0-20 | Unknown | None |
| CBL Mariner 1.0 ARM | unzip (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
6.0-16 | Unknown | None |
| CBL Mariner 1.0 x64 | unzip (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
6.0-16 | Unknown | None |
| CBL Mariner 2.0 ARM | unzip (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
6.0-19 | Unknown | None |
| CBL Mariner 2.0 x64 | unzip (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
6.0-19 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2014-8139 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2014-8140
MITRE NVD Issuing CNA: secalert@redhat.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:7.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    08/18/2020     Information published. 2.0    12/16/2021     Added unzip to CBL-Mariner 2.0 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2014-8140 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | unzip (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
6.0-20 | Unknown | None |
| Azure Linux 3.0 x64 | unzip (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
6.0-20 | Unknown | None |
| CBL Mariner 1.0 ARM | unzip (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
6.0-16 | Unknown | None |
| CBL Mariner 1.0 x64 | unzip (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
6.0-16 | Unknown | None |
| CBL Mariner 2.0 ARM | unzip (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
6.0-19 | Unknown | None |
| CBL Mariner 2.0 x64 | unzip (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
6.0-19 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2014-8140 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2014-8141
MITRE NVD Issuing CNA: secalert@redhat.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:7.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    08/18/2020     Information published. 2.0    12/16/2021     Added unzip to CBL-Mariner 2.0 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2014-8141 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | unzip (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
6.0-20 | Unknown | None |
| Azure Linux 3.0 x64 | unzip (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
6.0-20 | Unknown | None |
| CBL Mariner 1.0 ARM | unzip (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
6.0-16 | Unknown | None |
| CBL Mariner 1.0 x64 | unzip (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
6.0-16 | Unknown | None |
| CBL Mariner 2.0 ARM | unzip (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
6.0-19 | Unknown | None |
| CBL Mariner 2.0 x64 | unzip (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
6.0-19 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2014-8141 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2014-9913
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:4/TemporalScore:4
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    08/18/2020     Information published. 2.0    12/16/2021     Added unzip to CBL-Mariner 2.0 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2014-9913 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | unzip (CBL-Mariner) | Unknown | Unknown | None | Base: 4 Temporal: 4 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
6.0-20 | Unknown | None |
| Azure Linux 3.0 x64 | unzip (CBL-Mariner) | Unknown | Unknown | None | Base: 4 Temporal: 4 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
6.0-20 | Unknown | None |
| CBL Mariner 1.0 ARM | unzip (CBL-Mariner) | Unknown | Unknown | None | Base: 4 Temporal: 4 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
6.0-15 | Unknown | None |
| CBL Mariner 1.0 x64 | unzip (CBL-Mariner) | Unknown | Unknown | None | Base: 4 Temporal: 4 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
6.0-15 | Unknown | None |
| CBL Mariner 2.0 ARM | unzip (CBL-Mariner) | Unknown | Unknown | None | Base: 4 Temporal: 4 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
6.0-19 | Unknown | None |
| CBL Mariner 2.0 x64 | unzip (CBL-Mariner) | Unknown | Unknown | None | Base: 4 Temporal: 4 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
6.0-19 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2014-9913 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2014-9636
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: None Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    08/18/2020     Information published. 2.0    12/16/2021     Added unzip to CBL-Mariner 2.0 1.0    06/30/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2014-9636 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | unzip (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
6.0-20 | Unknown | None |
| Azure Linux 3.0 x64 | unzip (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
6.0-20 | Unknown | None |
| CBL Mariner 1.0 ARM | unzip (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
6.0-16 | Unknown | None |
| CBL Mariner 1.0 x64 | unzip (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
6.0-16 | Unknown | None |
| CBL Mariner 2.0 ARM | unzip (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
6.0-19 | Unknown | None |
| CBL Mariner 2.0 x64 | unzip (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
6.0-19 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2014-9636 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2015-2987
MITRE NVD Issuing CNA: vultures@jpcert.or.jp |
CVE Title: Unknown
CVSS: None Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    08/18/2020     Information published. 2.0    12/16/2021     Added ed to CBL-Mariner 2.0 1.0    06/30/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2015-2987 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | ed (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.20-1 | Unknown | None |
| Azure Linux 3.0 x64 | ed (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.20-1 | Unknown | None |
| CBL Mariner 1.0 ARM | ed (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.2-8 | Unknown | None |
| CBL Mariner 1.0 x64 | ed (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.2-8 | Unknown | None |
| CBL Mariner 2.0 ARM | ed (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.2-9 | Unknown | None |
| CBL Mariner 2.0 x64 | ed (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.2-9 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2015-2987 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2015-5157
MITRE NVD Issuing CNA: secalert@redhat.com |
CVE Title: Unknown
CVSS: None Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    02/16/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2015-5157 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
6.6.22.1-2 | Unknown | None |
| Azure Linux 3.0 x64 | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
6.6.22.1-2 | Unknown | None |
| CBL Mariner 2.0 ARM | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
5.15.153.1-1 | Unknown | None |
| CBL Mariner 2.0 x64 | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
5.15.153.1-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2015-5157 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2015-7696
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: None Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    08/18/2020     Information published. 2.0    12/16/2021     Added unzip to CBL-Mariner 2.0 1.0    06/30/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2015-7696 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | unzip (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
6.0-20 | Unknown | None |
| Azure Linux 3.0 x64 | unzip (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
6.0-20 | Unknown | None |
| CBL Mariner 1.0 ARM | unzip (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
6.0-15 | Unknown | None |
| CBL Mariner 1.0 x64 | unzip (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
6.0-15 | Unknown | None |
| CBL Mariner 2.0 ARM | unzip (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
6.0-19 | Unknown | None |
| CBL Mariner 2.0 x64 | unzip (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
6.0-19 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2015-7696 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2018-1000035
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:7.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    08/18/2020     Information published. 2.0    12/16/2021     Added unzip to CBL-Mariner 2.0 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2018-1000035 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | unzip (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
6.0-20 | Unknown | None |
| Azure Linux 3.0 x64 | unzip (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
6.0-20 | Unknown | None |
| CBL Mariner 1.0 ARM | unzip (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
6.0-16 | Unknown | None |
| CBL Mariner 1.0 x64 | unzip (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
6.0-16 | Unknown | None |
| CBL Mariner 2.0 ARM | unzip (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
6.0-19 | Unknown | None |
| CBL Mariner 2.0 x64 | unzip (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
6.0-19 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2018-1000035 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2017-3612
MITRE NVD Issuing CNA: secalert_us@oracle.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7/TemporalScore:7
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    07/30/2021     Information published. 2.0    12/16/2021     Added libdb to CBL-Mariner 2.0 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2017-3612 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-7 | Unknown | None |
| Azure Linux 3.0 x64 | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-7 | Unknown | None |
| CBL Mariner 1.0 ARM | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-5 | Unknown | None |
| CBL Mariner 1.0 x64 | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-5 | Unknown | None |
| CBL Mariner 2.0 ARM | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-7 | Unknown | None |
| CBL Mariner 2.0 x64 | libdb (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.3.28-7 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2017-3612 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2018-1000097
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:7.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    12/16/2021     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2018-1000097 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | sharutils (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
4.15.2-21 | Unknown | None |
| Azure Linux 3.0 x64 | sharutils (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
4.15.2-21 | Unknown | None |
| CBL Mariner 2.0 ARM | sharutils (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
4.15.2-20 | Unknown | None |
| CBL Mariner 2.0 x64 | sharutils (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
4.15.2-20 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2018-1000097 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2018-20969
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:7.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    08/18/2020     Information published. 2.0    12/16/2021     Added patch to CBL-Mariner 2.0 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2018-20969 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | patch (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
2.7.6-9 | Unknown | None |
| Azure Linux 3.0 x64 | patch (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
2.7.6-9 | Unknown | None |
| CBL Mariner 1.0 ARM | patch (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
2.7.6-7 | Unknown | None |
| CBL Mariner 1.0 x64 | patch (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
2.7.6-7 | Unknown | None |
| CBL Mariner 2.0 ARM | patch (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
2.7.6-7 | Unknown | None |
| CBL Mariner 2.0 x64 | patch (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
2.7.6-7 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2018-20969 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2018-1999023
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:8.8/TemporalScore:8.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2018-1999023 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | ceph (CBL-Mariner) | Unknown | Unknown | None | Base: 8.8 Temporal: 8.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
18.2.1-1 | Unknown | None |
| Azure Linux 3.0 x64 | ceph (CBL-Mariner) | Unknown | Unknown | None | Base: 8.8 Temporal: 8.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
18.2.1-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2018-1999023 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2018-20169
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:6.8/TemporalScore:6.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    02/16/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2018-20169 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: 6.8 Temporal: 6.8 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
6.6.22.1-2 | Unknown | None |
| Azure Linux 3.0 x64 | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: 6.8 Temporal: 6.8 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
6.6.22.1-2 | Unknown | None |
| CBL Mariner 2.0 ARM | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: 6.8 Temporal: 6.8 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
5.15.148.2-2 | Unknown | None |
| CBL Mariner 2.0 x64 | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: 6.8 Temporal: 6.8 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
5.15.148.2-2 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2018-20169 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2018-20346
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:8.1/TemporalScore:8.1
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2018-20346 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | ceph (CBL-Mariner) | Unknown | Unknown | None | Base: 8.1 Temporal: 8.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
18.2.1-1 | Unknown | None |
| Azure Linux 3.0 x64 | ceph (CBL-Mariner) | Unknown | Unknown | None | Base: 8.1 Temporal: 8.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
18.2.1-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2018-20346 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2018-20505
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2018-20505 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | ceph (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
18.2.1-1 | Unknown | None |
| Azure Linux 3.0 x64 | ceph (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
18.2.1-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2018-20505 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2018-20506
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:8.1/TemporalScore:8.1
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2018-20506 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | ceph (CBL-Mariner) | Unknown | Unknown | None | Base: 8.1 Temporal: 8.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
18.2.1-1 | Unknown | None |
| Azure Linux 3.0 x64 | ceph (CBL-Mariner) | Unknown | Unknown | None | Base: 8.1 Temporal: 8.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
18.2.1-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2018-20506 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2019-13636
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5.9/TemporalScore:5.9
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    08/18/2020     Information published. 2.0    12/16/2021     Added patch to CBL-Mariner 2.0 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2019-13636 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | patch (CBL-Mariner) | Unknown | Unknown | None | Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N |
2.7.6-9 | Unknown | None |
| Azure Linux 3.0 x64 | patch (CBL-Mariner) | Unknown | Unknown | None | Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N |
2.7.6-9 | Unknown | None |
| CBL Mariner 1.0 ARM | patch (CBL-Mariner) | Unknown | Unknown | None | Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N |
2.7.6-7 | Unknown | None |
| CBL Mariner 1.0 x64 | patch (CBL-Mariner) | Unknown | Unknown | None | Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N |
2.7.6-7 | Unknown | None |
| CBL Mariner 2.0 ARM | patch (CBL-Mariner) | Unknown | Unknown | None | Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N |
2.7.6-7 | Unknown | None |
| CBL Mariner 2.0 x64 | patch (CBL-Mariner) | Unknown | Unknown | None | Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N |
2.7.6-7 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2019-13636 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2019-13638
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:7.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    09/25/2020     Information published. 2.0    12/16/2021     Added patch to CBL-Mariner 2.0 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2019-13638 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | patch (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
2.7.6-9 | Unknown | None |
| Azure Linux 3.0 x64 | patch (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
2.7.6-9 | Unknown | None |
| CBL Mariner 1.0 ARM | patch (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
2.7.6-7 | Unknown | None |
| CBL Mariner 1.0 x64 | patch (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
2.7.6-7 | Unknown | None |
| CBL Mariner 2.0 ARM | patch (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
2.7.6-7 | Unknown | None |
| CBL Mariner 2.0 x64 | patch (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
2.7.6-7 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2019-13638 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2019-14274
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5.5/TemporalScore:5.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    12/16/2021     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2019-14274 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | mcpp (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
2.7.2-28 | Unknown | None |
| Azure Linux 3.0 x64 | mcpp (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
2.7.2-28 | Unknown | None |
| CBL Mariner 2.0 ARM | mcpp (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
2.7.2-28 | Unknown | None |
| CBL Mariner 2.0 x64 | mcpp (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
2.7.2-28 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2019-14274 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2019-19645
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5.5/TemporalScore:5.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2019-19645 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | ceph (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
18.2.1-1 | Unknown | None |
| Azure Linux 3.0 x64 | ceph (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
18.2.1-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2019-19645 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2019-19646
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:9.8/TemporalScore:9.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2019-19646 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | ceph (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
18.2.1-1 | Unknown | None |
| Azure Linux 3.0 x64 | ceph (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
18.2.1-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2019-19646 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2019-20503
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:6.5/TemporalScore:6.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/17/2022     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2019-20503 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | usrsctp (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
0.9.5.0-1 | Unknown | None |
| Azure Linux 3.0 x64 | usrsctp (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
0.9.5.0-1 | Unknown | None |
| CBL Mariner 2.0 ARM | usrsctp (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
0.9.5.0-1 | Unknown | None |
| CBL Mariner 2.0 x64 | usrsctp (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
0.9.5.0-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2019-20503 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2019-8457
MITRE NVD Issuing CNA: cve@checkpoint.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:9.8/TemporalScore:9.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2019-8457 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | ceph (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
18.2.1-1 | Unknown | None |
| Azure Linux 3.0 x64 | ceph (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
18.2.1-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2019-8457 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2020-11655
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2020-11655 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | ceph (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
18.2.1-1 | Unknown | None |
| Azure Linux 3.0 x64 | ceph (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
18.2.1-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2020-11655 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2019-9741
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:6.1/TemporalScore:6.1
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2019-9741 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | python-tensorboard (CBL-Mariner) | Unknown | Unknown | None | Base: 6.1 Temporal: 6.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
2.16.2-1 | Unknown | None |
| Azure Linux 3.0 x64 | python-tensorboard (CBL-Mariner) | Unknown | Unknown | None | Base: 6.1 Temporal: 6.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
2.16.2-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2019-9741 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2020-11656
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:9.8/TemporalScore:9.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2020-11656 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | ceph (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
18.2.1-1 | Unknown | None |
| Azure Linux 3.0 x64 | ceph (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
18.2.1-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2020-11656 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2020-13630
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7/TemporalScore:7
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2020-13630 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | ceph (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |
18.2.1-1 | Unknown | None |
| Azure Linux 3.0 x64 | ceph (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |
18.2.1-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2020-13630 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2020-13632
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5.5/TemporalScore:5.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2020-13632 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | ceph (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
18.2.1-1 | Unknown | None |
| Azure Linux 3.0 x64 | ceph (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
18.2.1-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2020-13632 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2020-13631
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5.5/TemporalScore:5.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2020-13631 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | ceph (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N |
18.2.1-1 | Unknown | None |
| Azure Linux 3.0 x64 | ceph (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N |
18.2.1-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2020-13631 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2020-15586
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5.9/TemporalScore:5.9
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    08/18/2020     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2020-15586 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | python-tensorboard (CBL-Mariner) | Unknown | Unknown | None | Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |
2.16.2-1 | Unknown | None |
| Azure Linux 3.0 x64 | python-tensorboard (CBL-Mariner) | Unknown | Unknown | None | Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |
2.16.2-1 | Unknown | None |
| CBL Mariner 1.0 ARM | golang (CBL-Mariner) | Unknown | Unknown | None | Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |
1.15.13-1 | Unknown | None |
| CBL Mariner 1.0 x64 | golang (CBL-Mariner) | Unknown | Unknown | None | Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |
1.15.13-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2020-15586 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2021-3115
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2021-3115 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | python-tensorboard (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
2.16.2-1 | Unknown | None |
| Azure Linux 3.0 x64 | python-tensorboard (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
2.16.2-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2021-3115 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2020-18032
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:7.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    09/27/2021     Information published. 2.0    12/16/2021     Added graphviz to CBL-Mariner 2.0 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2020-18032 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | graphviz (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
2.42.4-10 | Unknown | None |
| Azure Linux 3.0 x64 | graphviz (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
2.42.4-10 | Unknown | None |
| CBL Mariner 1.0 ARM | graphviz (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
2.42.4-5 | Unknown | None |
| CBL Mariner 1.0 x64 | graphviz (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
2.42.4-5 | Unknown | None |
| CBL Mariner 2.0 ARM | graphviz (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
2.42.4-6 | Unknown | None |
| CBL Mariner 2.0 x64 | graphviz (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
2.42.4-6 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2020-18032 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2021-26720
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:7.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    12/16/2021     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2021-26720 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | avahi (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
0.8-1 | Unknown | None |
| Azure Linux 3.0 x64 | avahi (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
0.8-1 | Unknown | None |
| CBL Mariner 2.0 ARM | avahi (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
0.8-1 | Unknown | None |
| CBL Mariner 2.0 x64 | avahi (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
0.8-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2021-26720 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2021-27378
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:9.8/TemporalScore:9.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2021-27378 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | librsvg2 (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
2.58.1-1 | Unknown | None |
| Azure Linux 3.0 x64 | librsvg2 (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
2.58.1-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2021-27378 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2021-3468
MITRE NVD Issuing CNA: secalert@redhat.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5.5/TemporalScore:5.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    12/16/2021     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2021-3468 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | avahi (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
0.8-1 | Unknown | None |
| Azure Linux 3.0 x64 | avahi (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
0.8-1 | Unknown | None |
| CBL Mariner 2.0 ARM | avahi (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
0.8-1 | Unknown | None |
| CBL Mariner 2.0 x64 | avahi (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
0.8-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2021-3468 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2021-3502
MITRE NVD Issuing CNA: secalert@redhat.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5.5/TemporalScore:5.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2021-3502 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | avahi (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
0.8-1 | Unknown | None |
| Azure Linux 3.0 x64 | avahi (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
0.8-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2021-3502 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2021-36373
MITRE NVD Issuing CNA: security@apache.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5.5/TemporalScore:5.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    07/17/2021     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2021-36373 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | javapackages-bootstrap (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
1.14.0-2 | Unknown | None |
| Azure Linux 3.0 x64 | javapackages-bootstrap (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
1.14.0-2 | Unknown | None |
| CBL Mariner 1.0 ARM | ant (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
1.10.11-1 | Unknown | None |
| CBL Mariner 1.0 x64 | ant (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
1.10.11-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2021-36373 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2021-38190
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:9.8/TemporalScore:9.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2021-38190 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | librsvg2 (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
2.58.1-1 | Unknown | None |
| Azure Linux 3.0 x64 | librsvg2 (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
2.58.1-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2021-38190 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2021-3981
MITRE NVD Issuing CNA: secalert@redhat.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:3.3/TemporalScore:3.3
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    03/15/2022     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2021-3981 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | grub2 (CBL-Mariner) | Unknown | Unknown | None | Base: 3.3 Temporal: 3.3 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N |
2.06-14 | Unknown | None |
| Azure Linux 3.0 x64 | grub2 (CBL-Mariner) | Unknown | Unknown | None | Base: 3.3 Temporal: 3.3 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N |
2.06-14 | Unknown | None |
| CBL Mariner 1.0 ARM | grub2 (CBL-Mariner) | Unknown | Unknown | None | Base: 3.3 Temporal: 3.3 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N |
2.06~rc1-8 | Unknown | None |
| CBL Mariner 1.0 x64 | grub2 (CBL-Mariner) | Unknown | Unknown | None | Base: 3.3 Temporal: 3.3 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N |
2.06~rc1-8 | Unknown | None |
| CBL Mariner 2.0 ARM | grub2 (CBL-Mariner) | Unknown | Unknown | None | Base: 3.3 Temporal: 3.3 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N |
2.06-5 | Unknown | None |
| CBL Mariner 2.0 x64 | grub2 (CBL-Mariner) | Unknown | Unknown | None | Base: 3.3 Temporal: 3.3 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N |
2.06-5 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2021-3981 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2021-45985
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    04/15/2023     Information published. 2.0    04/19/2023     Added memcached to CBL-Mariner 2.0 Added ntopng to CBL-Mariner 2.0 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2021-45985 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | ntopng (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
5.2.1-2 | Unknown | None |
| Azure Linux 3.0 x64 | ntopng (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
5.2.1-2 | Unknown | None |
| CBL Mariner 2.0 ARM | lua (CBL-Mariner) memcached (CBL-Mariner) ntopng (CBL-Mariner) |
Unknown | Unknown | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
5.4.3-5 1.6.13-3 5.2.1-2 |
None | ||
| CBL Mariner 2.0 x64 | lua (CBL-Mariner) memcached (CBL-Mariner) ntopng (CBL-Mariner) |
Unknown | Unknown | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
5.4.3-5 1.6.13-3 5.2.1-2 |
None | ||
| CVE ID | Acknowledgements |
| CVE-2021-45985 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2021-44716
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    01/13/2022     Information published. 2.0    11/08/2023     Added kured to CBL-Mariner 2.0 3.0    01/24/2024     Added flannel to CBL-Mariner 2.0 Added kube-vip-cloud-provider to CBL-Mariner 2.0 Added libcontainers-common to CBL-Mariner 2.0 Added local-path-provisioner to CBL-Mariner 2.0 4.0    04/11/2024     Added cri-o to CBL-Mariner 2.0 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2021-44716 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | keda (CBL-Mariner) moby-engine (CBL-Mariner) node-problem-detector (CBL-Mariner) |
Unknown | Unknown | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
2.14.0-1 25.0.3-1 0.8.15-1 |
None | ||
| Azure Linux 3.0 x64 | keda (CBL-Mariner) moby-engine (CBL-Mariner) node-problem-detector (CBL-Mariner) |
Unknown | Unknown | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
2.14.0-1 25.0.3-1 0.8.15-1 |
None | ||
| CBL Mariner 1.0 ARM | golang (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
1.16.12-1 | Unknown | None |
| CBL Mariner 1.0 x64 | golang (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
1.16.12-1 | Unknown | None |
| CBL Mariner 2.0 ARM | application-gateway-kubernetes-ingress (CBL-Mariner) cf-cli (CBL-Mariner) cri-o (CBL-Mariner) csi-driver-lvm (CBL-Mariner) |
Unknown | Unknown | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
1.4.0-19 8.4.0-16 1.21.7-2 0.4.1-15 |
None | ||
| CBL Mariner 2.0 x64 | application-gateway-kubernetes-ingress (CBL-Mariner) cf-cli (CBL-Mariner) cri-o (CBL-Mariner) csi-driver-lvm (CBL-Mariner) |
Unknown | Unknown | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
1.4.0-19 8.4.0-16 1.21.7-2 0.4.1-15 |
None | ||
| CVE ID | Acknowledgements |
| CVE-2021-44716 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2022-1996
MITRE NVD Issuing CNA: security@huntr.dev |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:9.1/TemporalScore:9.1
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2022-1996 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | sriov-network-device-plugin (CBL-Mariner) | Unknown | Unknown | None | Base: 9.1 Temporal: 9.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N |
3.7.0-1 | Unknown | None |
| Azure Linux 3.0 x64 | sriov-network-device-plugin (CBL-Mariner) | Unknown | Unknown | None | Base: 9.1 Temporal: 9.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N |
3.7.0-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2022-1996 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2022-2097
MITRE NVD Issuing CNA: openssl-security@openssl.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5.3/TemporalScore:5.3
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    07/19/2022     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2022-2097 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | hvloader (CBL-Mariner) | Unknown | Unknown | None | Base: 5.3 Temporal: 5.3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
1.0.1-2 | Unknown | None |
| Azure Linux 3.0 x64 | hvloader (CBL-Mariner) | Unknown | Unknown | None | Base: 5.3 Temporal: 5.3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
1.0.1-2 | Unknown | None |
| CBL Mariner 1.0 ARM | openssl (CBL-Mariner) | Unknown | Unknown | None | Base: 5.3 Temporal: 5.3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
1.1.1k-12 | Unknown | None |
| CBL Mariner 1.0 x64 | openssl (CBL-Mariner) | Unknown | Unknown | None | Base: 5.3 Temporal: 5.3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
1.1.1k-12 | Unknown | None |
| CBL Mariner 2.0 ARM | openssl (CBL-Mariner) | Unknown | Unknown | None | Base: 5.3 Temporal: 5.3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
1.1.1k-20 | Unknown | None |
| CBL Mariner 2.0 x64 | openssl (CBL-Mariner) | Unknown | Unknown | None | Base: 5.3 Temporal: 5.3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
1.1.1k-20 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2022-2097 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2022-28391
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:8.8/TemporalScore:8.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    04/13/2022     Information published. 2.0    04/14/2022     Added busybox to CBL-Mariner 1.0 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2022-28391 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | busybox (CBL-Mariner) | Unknown | Unknown | None | Base: 8.8 Temporal: 8.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
1.36.1-3 | Unknown | None |
| Azure Linux 3.0 x64 | busybox (CBL-Mariner) | Unknown | Unknown | None | Base: 8.8 Temporal: 8.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
1.36.1-3 | Unknown | None |
| CBL Mariner 1.0 ARM | busybox (CBL-Mariner) | Unknown | Unknown | None | Base: 8.8 Temporal: 8.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
1.34.1-2 | Unknown | None |
| CBL Mariner 1.0 x64 | busybox (CBL-Mariner) | Unknown | Unknown | None | Base: 8.8 Temporal: 8.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
1.34.1-2 | Unknown | None |
| CBL Mariner 2.0 ARM | busybox (CBL-Mariner) | Unknown | Unknown | None | Base: 8.8 Temporal: 8.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
1.35.0-2 | Unknown | None |
| CBL Mariner 2.0 x64 | busybox (CBL-Mariner) | Unknown | Unknown | None | Base: 8.8 Temporal: 8.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
1.35.0-2 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2022-28391 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2022-28733
MITRE NVD Issuing CNA: security@ubuntu.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:8.1/TemporalScore:8.1
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    07/29/2023     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2022-28733 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | grub2 (CBL-Mariner) | Unknown | Unknown | None | Base: 8.1 Temporal: 8.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
2.06-14 | Unknown | None |
| Azure Linux 3.0 x64 | grub2 (CBL-Mariner) | Unknown | Unknown | None | Base: 8.1 Temporal: 8.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
2.06-14 | Unknown | None |
| CBL Mariner 2.0 ARM | grub2 (CBL-Mariner) | Unknown | Unknown | None | Base: 8.1 Temporal: 8.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
2.06-12 | Unknown | None |
| CBL Mariner 2.0 x64 | grub2 (CBL-Mariner) | Unknown | Unknown | None | Base: 8.1 Temporal: 8.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
2.06-12 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2022-28733 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2022-28734
MITRE NVD Issuing CNA: security@ubuntu.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7/TemporalScore:7
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    07/29/2023     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2022-28734 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | grub2 (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H |
2.06-14 | Unknown | None |
| Azure Linux 3.0 x64 | grub2 (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H |
2.06-14 | Unknown | None |
| CBL Mariner 2.0 ARM | grub2 (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H |
2.06-12 | Unknown | None |
| CBL Mariner 2.0 x64 | grub2 (CBL-Mariner) | Unknown | Unknown | None | Base: 7 Temporal: 7 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H |
2.06-12 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2022-28734 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2022-28805
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:9.1/TemporalScore:9.1
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    04/15/2022     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2022-28805 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | ntopng (CBL-Mariner) | Unknown | Unknown | None | Base: 9.1 Temporal: 9.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H |
5.2.1-3 | Unknown | None |
| Azure Linux 3.0 x64 | ntopng (CBL-Mariner) | Unknown | Unknown | None | Base: 9.1 Temporal: 9.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H |
5.2.1-3 | Unknown | None |
| CBL Mariner 1.0 ARM | lua (CBL-Mariner) | Unknown | Unknown | None | Base: 9.1 Temporal: 9.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H |
5.3.5-9 | Unknown | None |
| CBL Mariner 1.0 x64 | lua (CBL-Mariner) | Unknown | Unknown | None | Base: 9.1 Temporal: 9.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H |
5.3.5-9 | Unknown | None |
| CBL Mariner 2.0 ARM | lua (CBL-Mariner) | Unknown | Unknown | None | Base: 9.1 Temporal: 9.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H |
5.4.3-2 | Unknown | None |
| CBL Mariner 2.0 x64 | lua (CBL-Mariner) | Unknown | Unknown | None | Base: 9.1 Temporal: 9.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H |
5.4.3-2 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2022-28805 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2022-29526
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5.3/TemporalScore:5.3
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    11/08/2023     Information published. 2.0    01/24/2024     Added nmi to CBL-Mariner 2.0 Added sriov-network-device-plugin to CBL-Mariner 2.0 3.0    04/11/2024     Added cri-o to CBL-Mariner 2.0 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2022-29526 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | keda (CBL-Mariner) moby-engine (CBL-Mariner) node-problem-detector (CBL-Mariner) prometheus (CBL-Mariner) |
Unknown | Unknown | Base: 5.3 Temporal: 5.3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
2.14.0-1 25.0.3-1 0.8.15-1 2.45.4-1 |
None | ||
| Azure Linux 3.0 x64 | keda (CBL-Mariner) moby-engine (CBL-Mariner) node-problem-detector (CBL-Mariner) prometheus (CBL-Mariner) |
Unknown | Unknown | Base: 5.3 Temporal: 5.3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
2.14.0-1 25.0.3-1 0.8.15-1 2.45.4-1 |
None | ||
| CBL Mariner 2.0 ARM | azcopy (CBL-Mariner) cri-o (CBL-Mariner) git-lfs (CBL-Mariner) kata-containers (CBL-Mariner) |
Unknown | Unknown | Base: 5.3 Temporal: 5.3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
10.24.0-1 1.21.7-2 3.4.1-1 3.2.0.azl2-1 |
None | ||
| CBL Mariner 2.0 x64 | azcopy (CBL-Mariner) cri-o (CBL-Mariner) git-lfs (CBL-Mariner) kata-containers (CBL-Mariner) |
Unknown | Unknown | Base: 5.3 Temporal: 5.3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
10.24.0-1 1.21.7-2 3.4.1-1 3.2.0.azl2-1 |
None | ||
| CVE ID | Acknowledgements |
| CVE-2022-29526 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2022-31394
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    02/27/2023     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2022-31394 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | rpm-ostree (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
2022.1-7 | Unknown | None |
| Azure Linux 3.0 x64 | rpm-ostree (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
2022.1-7 | Unknown | None |
| CBL Mariner 2.0 ARM | rpm-ostree (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
2022.1-4 | Unknown | None |
| CBL Mariner 2.0 x64 | rpm-ostree (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
2022.1-4 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2022-31394 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2022-35260
MITRE NVD Issuing CNA: support@hackerone.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:6.5/TemporalScore:6.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2022-35260 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | tensorflow (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
2.16.1-1 | Unknown | None |
| Azure Linux 3.0 x64 | tensorflow (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
2.16.1-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2022-35260 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2022-36765
MITRE NVD Issuing CNA: infosec@edk2.groups.io |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:7.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    04/08/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2022-36765 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | edk2 (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
20240223gitedc6681206c1-1 | Unknown | None |
| Azure Linux 3.0 x64 | edk2 (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
20240223gitedc6681206c1-1 | Unknown | None |
| CBL Mariner 2.0 ARM | hvloader (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.0.1-3 | Unknown | None |
| CBL Mariner 2.0 x64 | hvloader (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.0.1-3 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2022-36765 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2022-36764
MITRE NVD Issuing CNA: infosec@edk2.groups.io |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:7.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    04/08/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2022-36764 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | edk2 (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
20240223gitedc6681206c1-1 | Unknown | None |
| Azure Linux 3.0 x64 | edk2 (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
20240223gitedc6681206c1-1 | Unknown | None |
| CBL Mariner 2.0 ARM | hvloader (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.0.1-3 | Unknown | None |
| CBL Mariner 2.0 x64 | hvloader (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.0.1-3 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2022-36764 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2022-37434
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:9.8/TemporalScore:9.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    08/12/2022     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2022-37434 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | crash (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
8.0.4-2 | Unknown | None |
| Azure Linux 3.0 x64 | crash (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
8.0.4-2 | Unknown | None |
| CBL Mariner 1.0 ARM | zlib (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
1.2.12-2 | Unknown | None |
| CBL Mariner 1.0 x64 | zlib (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
1.2.12-2 | Unknown | None |
| CBL Mariner 2.0 ARM | zlib (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
1.2.12-2 | Unknown | None |
| CBL Mariner 2.0 x64 | zlib (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
1.2.12-2 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2022-37434 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2022-37616
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:9.8/TemporalScore:9.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2022-37616 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | python-tensorboard (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
2.16.2-1 | Unknown | None |
| Azure Linux 3.0 x64 | python-tensorboard (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
2.16.2-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2022-37616 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2022-39353
MITRE NVD Issuing CNA: security-advisories@github.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:9.8/TemporalScore:9.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2022-39353 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | python-tensorboard (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
2.16.2-1 | Unknown | None |
| Azure Linux 3.0 x64 | python-tensorboard (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
2.16.2-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2022-39353 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2022-41717
MITRE NVD Issuing CNA: security@golang.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5.3/TemporalScore:5.3
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    12/13/2022     Information published. 2.0    01/24/2024     Added sriov-network-device-plugin to CBL-Mariner 2.0 3.0    02/12/2024     Added nmi to CBL-Mariner 2.0 4.0    04/11/2024     Added cri-o to CBL-Mariner 2.0 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2022-41717 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | moby-engine (CBL-Mariner) prometheus (CBL-Mariner) sriov-network-device-plugin (CBL-Mariner) |
Unknown | Unknown | Base: 5.3 Temporal: 5.3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
25.0.3-1 2.45.4-1 3.7.0-1 |
None | ||
| Azure Linux 3.0 x64 | moby-engine (CBL-Mariner) prometheus (CBL-Mariner) sriov-network-device-plugin (CBL-Mariner) |
Unknown | Unknown | Base: 5.3 Temporal: 5.3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
25.0.3-1 2.45.4-1 3.7.0-1 |
None | ||
| CBL Mariner 1.0 ARM | golang (CBL-Mariner) | Unknown | Unknown | None | Base: 5.3 Temporal: 5.3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
1.18.8-2 | Unknown | None |
| CBL Mariner 1.0 x64 | golang (CBL-Mariner) | Unknown | Unknown | None | Base: 5.3 Temporal: 5.3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
1.18.8-2 | Unknown | None |
| CBL Mariner 2.0 ARM | azcopy (CBL-Mariner) cri-o (CBL-Mariner) golang (CBL-Mariner) moby-cli (CBL-Mariner) |
Unknown | Unknown | Base: 5.3 Temporal: 5.3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
10.24.0-1 1.22.3-1 1.18.8-2 24.0.9-1 |
None | ||
| CBL Mariner 2.0 x64 | azcopy (CBL-Mariner) cri-o (CBL-Mariner) golang (CBL-Mariner) moby-cli (CBL-Mariner) |
Unknown | Unknown | Base: 5.3 Temporal: 5.3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
10.24.0-1 1.22.3-1 1.18.8-2 24.0.9-1 |
None | ||
| CVE ID | Acknowledgements |
| CVE-2022-41717 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2022-40320
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:8.8/TemporalScore:8.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    09/16/2022     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2022-40320 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | libconfuse (CBL-Mariner) | Unknown | Unknown | None | Base: 8.8 Temporal: 8.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
3.3-2 | Unknown | None |
| Azure Linux 3.0 x64 | libconfuse (CBL-Mariner) | Unknown | Unknown | None | Base: 8.8 Temporal: 8.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
3.3-2 | Unknown | None |
| CBL Mariner 1.0 ARM | libconfuse (CBL-Mariner) | Unknown | Unknown | None | Base: 8.8 Temporal: 8.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
3.3-2 | Unknown | None |
| CBL Mariner 1.0 x64 | libconfuse (CBL-Mariner) | Unknown | Unknown | None | Base: 8.8 Temporal: 8.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
3.3-2 | Unknown | None |
| CBL Mariner 2.0 ARM | libconfuse (CBL-Mariner) | Unknown | Unknown | None | Base: 8.8 Temporal: 8.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
3.3-2 | Unknown | None |
| CBL Mariner 2.0 x64 | libconfuse (CBL-Mariner) | Unknown | Unknown | None | Base: 8.8 Temporal: 8.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
3.3-2 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2022-40320 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2022-41723
MITRE NVD Issuing CNA: security@golang.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    03/10/2023     Information published. 1.0    04/05/2023     Information published. 2.0    05/17/2023     Added kubevirt to CBL-Mariner 2.0 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2022-41723 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | kubevirt (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
1.2.0-1 | Unknown | None |
| Azure Linux 3.0 x64 | kubevirt (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
1.2.0-1 | Unknown | None |
| CBL Mariner 2.0 ARM | golang (CBL-Mariner) kubevirt (CBL-Mariner) skopeo (CBL-Mariner) telegraf (CBL-Mariner) |
Unknown | Unknown | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
1.21.6-1 0.59.0-15 1.12.0-3 1.26.0-2 |
None | ||
| CBL Mariner 2.0 x64 | golang (CBL-Mariner) kubevirt (CBL-Mariner) skopeo (CBL-Mariner) telegraf (CBL-Mariner) |
Unknown | Unknown | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
1.21.6-1 0.59.0-15 1.12.0-3 1.26.0-2 |
None | ||
| CVE ID | Acknowledgements |
| CVE-2022-41723 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2022-43551
MITRE NVD Issuing CNA: cve-assignments@hackerone.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    01/05/2023     Information published. 2.0    01/12/2023     Added cmake to CBL-Mariner 1.0 Added cmake to CBL-Mariner 2.0 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2022-43551 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | cmake (CBL-Mariner) tensorflow (CBL-Mariner) |
Unknown | Unknown | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
3.21.4-10 2.16.1-1 |
None | ||
| Azure Linux 3.0 x64 | cmake (CBL-Mariner) tensorflow (CBL-Mariner) |
Unknown | Unknown | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
3.21.4-10 2.16.1-1 |
None | ||
| CBL Mariner 1.0 ARM | cmake (CBL-Mariner) curl (CBL-Mariner) |
Unknown | Unknown | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
3.21.4-3 7.86.0-2 |
None | ||
| CBL Mariner 1.0 x64 | cmake (CBL-Mariner) curl (CBL-Mariner) |
Unknown | Unknown | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
3.21.4-3 7.86.0-2 |
None | ||
| CBL Mariner 2.0 ARM | cmake (CBL-Mariner) curl (CBL-Mariner) |
Unknown | Unknown | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
3.21.4-3 7.86.0-2 |
None | ||
| CBL Mariner 2.0 x64 | cmake (CBL-Mariner) curl (CBL-Mariner) |
Unknown | Unknown | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
3.21.4-3 7.86.0-2 |
None | ||
| CVE ID | Acknowledgements |
| CVE-2022-43551 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2022-43552
MITRE NVD Issuing CNA: HackerOne |
CVE Title: Open Source Curl Remote Code Execution Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:5.9/TemporalScore:5.9
Executive Summary: None FAQ: What is the curl open-source project? Curl is a computer software project providing a library (libcurl) and command-line tool (curl) for transferring data using various network protocols. The name stands for "Client for URL". The Windows implementation provides access to the command-line tool, not the library. What version of curl addresses this CVE? Curl version 7.87.0 addresses this vulnerability. Where can I find more information about this curl vulnerability? More information can be found at NVD and curl.se Are there any workarounds that can be implemented? Preventing the execution of curl.exe is a workaround to be considered Use a WDAC policy to deny execution of the \system32\curl.exe executable. You can merge the deny into an existing policy or create a new policy with it using the Merge-CIPolicy cmdlet; Merge-CIPolicy (ConfigCI) | Microsoft Learn. Once the policy XML file with the deny has been created or merged with an existing policy it must be deployed. Choose how to deploy the policy; Deploying Windows Defender Application Control (WDAC) policies | Microsoft Learn
For example: Create a new policy: (These steps will create a new policy named Deny-Curl.xml by merging the deny using the example policy named AllowAll.xml)
Merge into an existing policy
How to undo this workaround? Guidance for how to remove WDAC policies can be found in the following documentation: Remove Windows Defender Application Control (WDAC) policies Mitigations: None Workarounds: None Revision: 1.0    02/10/2023     Information published. 1.1    03/14/2023     CVE updated to add Windows software as Microsoft is aware that certain versions of Windows are affected by the cURL vulnerability. Microsoft will incorporate the new cURL Open Source library that addresses this issue in an upcoming security release. 2.0    04/11/2023     Microsoft is announcing the availability of the April 2023 security updates to address this vulnerability for all supported versions of Windows 10 version 1809, Windows 10 version 20H2, Windows 10 version 21H2, Windows 10 version 22H2, Windows 11 version 21H2, Windows 11 version 22H2, Windows Server 2019, and Windows Server 2022. Microsoft strongly recommends that customers install the April 2023 updates to be fully protected from this vulnerability. Customers whose systems are configured to receive automatic updates do not need to take any further action. 2.1    04/12/2023     Updated FAQ information. This is an informational change only. 1.0    06/30/2024     Information published. |
Important | Remote Code Execution | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Yes | No |
The following tables list the affected software details for the vulnerability.
| CVE-2022-43552 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | cmake (CBL-Mariner) tensorflow (CBL-Mariner) |
Unknown | Unknown | Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.28.2-1 2.16.1-1 |
None | ||
| Azure Linux 3.0 x64 | cmake (CBL-Mariner) tensorflow (CBL-Mariner) |
Unknown | Unknown | Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.28.2-1 2.16.1-1 |
None | ||
| CBL Mariner 1.0 ARM | curl (CBL-Mariner) | Unknown | Unknown | None | Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |
7.86.0-3 | Unknown | None |
| CBL Mariner 1.0 x64 | curl (CBL-Mariner) | Unknown | Unknown | None | Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |
7.86.0-3 | Unknown | None |
| CBL Mariner 2.0 ARM | curl (CBL-Mariner) mysql (CBL-Mariner) rust (CBL-Mariner) |
Unknown | Unknown | Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |
7.86.0-3 8.0.33-1 1.72.0-2 |
None | ||
| CBL Mariner 2.0 x64 | curl (CBL-Mariner) mysql (CBL-Mariner) rust (CBL-Mariner) |
Unknown | Unknown | Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |
7.86.0-3 8.0.33-1 1.72.0-2 |
None | ||
| Windows 10 Version 1809 for 32-bit Systems | 5025229 (Security Update) | Important | Remote Code Execution | 5023702 |
Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |
10.0.17763.4252 |
Yes | 5025229 |
| Windows 10 Version 1809 for ARM64-based Systems | 5025229 (Security Update) | Important | Remote Code Execution | 5023702 |
Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |
10.0.17763.4252 |
Yes | 5025229 |
| Windows 10 Version 1809 for x64-based Systems | 5025229 (Security Update) | Important | Remote Code Execution | 5023702 |
Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |
10.0.17763.4252 |
Yes | 5025229 |
| Windows 10 Version 20H2 for 32-bit Systems | 5025221 (Security Update) | Important | Remote Code Execution | 5023696 |
Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |
10.0.19042.2846 |
Yes | 5025221 |
| Windows 10 Version 20H2 for ARM64-based Systems | 5025221 (Security Update) | Important | Remote Code Execution | 5023696 |
Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |
10.0.19042.2846 |
Yes | 5025221 |
| Windows 10 Version 21H2 for 32-bit Systems | 5025221 (Security Update) | Important | Remote Code Execution | 5023696 |
Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |
10.0.19044.2846 |
Yes | 5025221 |
| Windows 10 Version 21H2 for ARM64-based Systems | 5025221 (Security Update) | Important | Remote Code Execution | 5023696 |
Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |
10.0.19044.2846 |
Yes | 5025221 |
| Windows 10 Version 21H2 for x64-based Systems | 5025221 (Security Update) | Important | Remote Code Execution | 5023696 |
Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |
10.0.19044.2846 |
Yes | 5025221 |
| Windows 10 Version 22H2 for 32-bit Systems | 5025221 (Security Update) | Important | Remote Code Execution | 5023696 |
Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |
10.0.19045.2846 |
Yes | 5025221 |
| Windows 10 Version 22H2 for ARM64-based Systems | 5025221 (Security Update) | Important | Remote Code Execution | 5023696 |
Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |
10.0.19045.2846 |
Yes | 5025221 |
| Windows 10 Version 22H2 for x64-based Systems | 5025221 (Security Update) | Important | Remote Code Execution | 5023696 |
Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |
10.0.19045.2846 |
Yes | 5025221 |
| Windows 11 version 21H2 for ARM64-based Systems | 5025224 (Security Update) | Important | Remote Code Execution | 5023698 |
Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |
10.0.22000.1817 |
Yes | 5025224 |
| Windows 11 version 21H2 for x64-based Systems | 5025224 (Security Update) | Important | Remote Code Execution | 5023698 |
Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |
10.0.22000.1817 |
Yes | 5025224 |
| Windows 11 Version 22H2 for ARM64-based Systems | 5025239 (Security Update) | Important | Remote Code Execution | 5023706 |
Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |
10.0.22621.1555 |
Yes | 5025239 |
| Windows 11 Version 22H2 for x64-based Systems | 5025239 (Security Update) | Important | Remote Code Execution | 5023706 |
Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |
10.0.22621.1555 |
Yes | 5025239 |
| Windows Server 2019 | 5025229 (Security Update) | Important | Remote Code Execution | 5023702 |
Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |
10.0.17763.4252 |
Yes | 5025229 |
| Windows Server 2019 (Server Core installation) | 5025229 (Security Update) | Important | Remote Code Execution | 5023702 |
Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |
10.0.17763.4252 |
Yes | 5025229 |
| Windows Server 2022 | 5025230 (Security Update) | Important | Remote Code Execution | 5023705 |
Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |
10.0.20348.1668 |
Yes | 5025230 |
| Windows Server 2022 (Server Core installation) | 5025230 (Security Update) | Important | Remote Code Execution | 5023705 |
Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |
10.0.20348.1668 |
Yes | 5025230 |
| CVE ID | Acknowledgements |
| CVE-2022-43552 | Stefan Kanthak |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2022-4415
MITRE NVD Issuing CNA: secalert@redhat.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5.5/TemporalScore:5.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    01/17/2023     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2022-4415 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | systemd-bootstrap (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
250.3-15 | Unknown | None |
| Azure Linux 3.0 x64 | systemd-bootstrap (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
250.3-15 | Unknown | None |
| CBL Mariner 2.0 ARM | systemd (CBL-Mariner) systemd-bootstrap (CBL-Mariner) |
Unknown | Unknown | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
250.3-13 250.3-12 |
None | ||
| CBL Mariner 2.0 x64 | systemd (CBL-Mariner) systemd-bootstrap (CBL-Mariner) |
Unknown | Unknown | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
250.3-13 250.3-12 |
None | ||
| CVE ID | Acknowledgements |
| CVE-2022-4415 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2022-4450
MITRE NVD Issuing CNA: openssl-security@openssl.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    02/13/2023     Information published. 1.0    02/14/2023     Information published. 3.0    04/06/2024     Added hvloader to CBL-Mariner 2.0 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2022-4450 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | edk2 (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
20240223gitedc6681206c1-1 | Unknown | None |
| Azure Linux 3.0 x64 | edk2 (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
20240223gitedc6681206c1-1 | Unknown | None |
| CBL Mariner 1.0 ARM | openssl (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
1.1.1k-13 | Unknown | None |
| CBL Mariner 1.0 x64 | openssl (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
1.1.1k-13 | Unknown | None |
| CBL Mariner 2.0 ARM | cloud-hypervisor (CBL-Mariner) hvloader (CBL-Mariner) openssl (CBL-Mariner) rust (CBL-Mariner) |
Unknown | Unknown | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
30.0-2 1.0.1-3 1.1.1k-21 1.72.0-2 |
None | ||
| CBL Mariner 2.0 x64 | cloud-hypervisor (CBL-Mariner) hvloader (CBL-Mariner) openssl (CBL-Mariner) rust (CBL-Mariner) |
Unknown | Unknown | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
30.0-2 1.0.1-3 1.1.1k-21 1.72.0-2 |
None | ||
| CVE ID | Acknowledgements |
| CVE-2022-4450 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2022-4515
MITRE NVD Issuing CNA: secalert@redhat.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:7.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    12/30/2022     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2022-4515 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | ctags (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
6.1.0-1 | Unknown | None |
| Azure Linux 3.0 x64 | ctags (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
6.1.0-1 | Unknown | None |
| CBL Mariner 2.0 ARM | ctags (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.9.20220619.0-7 | Unknown | None |
| CBL Mariner 2.0 x64 | ctags (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
5.9.20220619.0-7 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2022-4515 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2022-48285
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.3/TemporalScore:7.3
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    02/02/2023     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2022-48285 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | mozjs (CBL-Mariner) | Unknown | Unknown | None | Base: 7.3 Temporal: 7.3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L |
102.15.1-1 | Unknown | None |
| Azure Linux 3.0 x64 | mozjs (CBL-Mariner) | Unknown | Unknown | None | Base: 7.3 Temporal: 7.3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L |
102.15.1-1 | Unknown | None |
| CBL Mariner 1.0 ARM | mozjs60 (CBL-Mariner) | Unknown | Unknown | None | Base: 7.3 Temporal: 7.3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L |
60.9.0-13 | Unknown | None |
| CBL Mariner 1.0 x64 | mozjs60 (CBL-Mariner) | Unknown | Unknown | None | Base: 7.3 Temporal: 7.3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L |
60.9.0-13 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2022-48285 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2022-48579
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    08/14/2023     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2022-48579 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | clamav (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
0.105.2-4 | Unknown | None |
| Azure Linux 3.0 x64 | clamav (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
0.105.2-4 | Unknown | None |
| CBL Mariner 2.0 ARM | clamav (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
0.105.2-2 | Unknown | None |
| CBL Mariner 2.0 x64 | clamav (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
0.105.2-2 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2022-48579 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2022-4904
MITRE NVD Issuing CNA: secalert@redhat.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:8.6/TemporalScore:8.6
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    03/07/2023     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2022-4904 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | grpc (CBL-Mariner) | Unknown | Unknown | None | Base: 8.6 Temporal: 8.6 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H |
1.62.0-2 | Unknown | None |
| Azure Linux 3.0 x64 | grpc (CBL-Mariner) | Unknown | Unknown | None | Base: 8.6 Temporal: 8.6 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H |
1.62.0-2 | Unknown | None |
| CBL Mariner 1.0 ARM | c-ares (CBL-Mariner) | Unknown | Unknown | None | Base: 8.6 Temporal: 8.6 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H |
1.19.0-1 | Unknown | None |
| CBL Mariner 1.0 x64 | c-ares (CBL-Mariner) | Unknown | Unknown | None | Base: 8.6 Temporal: 8.6 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H |
1.19.0-1 | Unknown | None |
| CBL Mariner 2.0 ARM | c-ares (CBL-Mariner) nodejs (CBL-Mariner) python-gevent (CBL-Mariner) |
Unknown | Unknown | Base: 8.6 Temporal: 8.6 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H |
1.19.0-1 16.20.1-2 21.1.2-1 |
None | ||
| CBL Mariner 2.0 x64 | c-ares (CBL-Mariner) nodejs (CBL-Mariner) python-gevent (CBL-Mariner) |
Unknown | Unknown | Base: 8.6 Temporal: 8.6 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H |
1.19.0-1 16.20.1-2 21.1.2-1 |
None | ||
| CVE ID | Acknowledgements |
| CVE-2022-4904 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-0215
MITRE NVD Issuing CNA: openssl-security@openssl.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    02/13/2023     Information published. 2.0    02/14/2023     Added openssl to CBL-Mariner 2.0 Added openssl to CBL-Mariner 1.0 3.0    04/06/2024     Added hvloader to CBL-Mariner 2.0 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-0215 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | edk2 (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
20240223gitedc6681206c1-1 | Unknown | None |
| Azure Linux 3.0 x64 | edk2 (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
20240223gitedc6681206c1-1 | Unknown | None |
| CBL Mariner 1.0 ARM | openssl (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
1.1.1k-13 | Unknown | None |
| CBL Mariner 1.0 x64 | openssl (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
1.1.1k-13 | Unknown | None |
| CBL Mariner 2.0 ARM | cloud-hypervisor (CBL-Mariner) hvloader (CBL-Mariner) openssl (CBL-Mariner) rust (CBL-Mariner) |
Unknown | Unknown | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
30.0-2 1.0.1-3 1.1.1k-21 1.72.0-2 |
None | ||
| CBL Mariner 2.0 x64 | cloud-hypervisor (CBL-Mariner) hvloader (CBL-Mariner) openssl (CBL-Mariner) rust (CBL-Mariner) |
Unknown | Unknown | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
30.0-2 1.0.1-3 1.1.1k-21 1.72.0-2 |
None | ||
| CVE ID | Acknowledgements |
| CVE-2023-0215 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-0286
MITRE NVD Issuing CNA: openssl-security@openssl.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.4/TemporalScore:7.4
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    02/19/2023     Information published. 2.0    02/28/2023     Added cloud-hypervisor to CBL-Mariner 2.0 3.0    04/06/2024     Added hvloader to CBL-Mariner 2.0 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-0286 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | edk2 (CBL-Mariner) | Unknown | Unknown | None | Base: 7.4 Temporal: 7.4 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H |
20240223gitedc6681206c1-1 | Unknown | None |
| Azure Linux 3.0 x64 | edk2 (CBL-Mariner) | Unknown | Unknown | None | Base: 7.4 Temporal: 7.4 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H |
20240223gitedc6681206c1-1 | Unknown | None |
| CBL Mariner 1.0 ARM | openssl (CBL-Mariner) | Unknown | Unknown | None | Base: 7.4 Temporal: 7.4 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H |
1.1.1k-13 | Unknown | None |
| CBL Mariner 1.0 x64 | openssl (CBL-Mariner) | Unknown | Unknown | None | Base: 7.4 Temporal: 7.4 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H |
1.1.1k-13 | Unknown | None |
| CBL Mariner 2.0 ARM | cloud-hypervisor (CBL-Mariner) hvloader (CBL-Mariner) openssl (CBL-Mariner) rust (CBL-Mariner) |
Unknown | Unknown | Base: 7.4 Temporal: 7.4 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H |
30.0-2 1.0.1-3 1.1.1k-21 1.72.0-2 |
None | ||
| CBL Mariner 2.0 x64 | cloud-hypervisor (CBL-Mariner) hvloader (CBL-Mariner) openssl (CBL-Mariner) rust (CBL-Mariner) |
Unknown | Unknown | Base: 7.4 Temporal: 7.4 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H |
30.0-2 1.0.1-3 1.1.1k-21 1.72.0-2 |
None | ||
| CVE ID | Acknowledgements |
| CVE-2023-0286 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-0464
MITRE NVD Issuing CNA: openssl-security@openssl.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    03/27/2023     Information published. 2.0    04/24/2023     Added nodejs18 to CBL-Mariner 2.0 3.0    10/11/2023     Added edk2 to CBL-Mariner 2.0 4.0    04/06/2024     Added hvloader to CBL-Mariner 2.0 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-0464 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | edk2 (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
20230301gitf80f052277c8-37 | Unknown | None |
| Azure Linux 3.0 x64 | edk2 (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
20230301gitf80f052277c8-37 | Unknown | None |
| CBL Mariner 1.0 ARM | openssl (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
1.1.1k-15 | Unknown | None |
| CBL Mariner 1.0 x64 | openssl (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
1.1.1k-15 | Unknown | None |
| CBL Mariner 2.0 ARM | edk2 (CBL-Mariner) hvloader (CBL-Mariner) nodejs18 (CBL-Mariner) openssl (CBL-Mariner) |
Unknown | Unknown | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
20230301gitf80f052277c8-34 1.0.1-3 18.17.1-2 1.1.1k-22 |
None | ||
| CBL Mariner 2.0 x64 | edk2 (CBL-Mariner) hvloader (CBL-Mariner) nodejs18 (CBL-Mariner) openssl (CBL-Mariner) |
Unknown | Unknown | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
20230301gitf80f052277c8-34 1.0.1-3 18.17.1-2 1.1.1k-22 |
None | ||
| CVE ID | Acknowledgements |
| CVE-2023-0464 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-1668
MITRE NVD Issuing CNA: secalert@redhat.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:8.2/TemporalScore:8.2
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    04/11/2023     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-1668 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | openvswitch (CBL-Mariner) | Unknown | Unknown | None | Base: 8.2 Temporal: 8.2 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H |
2.17.5-3 | Unknown | None |
| Azure Linux 3.0 x64 | openvswitch (CBL-Mariner) | Unknown | Unknown | None | Base: 8.2 Temporal: 8.2 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H |
2.17.5-3 | Unknown | None |
| CBL Mariner 2.0 ARM | openvswitch (CBL-Mariner) | Unknown | Unknown | None | Base: 8.2 Temporal: 8.2 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H |
2.17.5-2 | Unknown | None |
| CBL Mariner 2.0 x64 | openvswitch (CBL-Mariner) | Unknown | Unknown | None | Base: 8.2 Temporal: 8.2 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H |
2.17.5-2 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-1668 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-22466
MITRE NVD Issuing CNA: security-advisories@github.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5.4/TemporalScore:5.4
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    01/12/2023     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-22466 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | kata-containers (CBL-Mariner) netavark (CBL-Mariner) rpm-ostree (CBL-Mariner) |
Unknown | Unknown | Base: 5.4 Temporal: 5.4 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N |
3.2.0.azl0-2 1.10.3-1 2024.4-1 |
None | ||
| Azure Linux 3.0 x64 | kata-containers (CBL-Mariner) netavark (CBL-Mariner) rpm-ostree (CBL-Mariner) |
Unknown | Unknown | Base: 5.4 Temporal: 5.4 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N |
3.2.0.azl0-2 1.10.3-1 2024.4-1 |
None | ||
| CBL Mariner 2.0 ARM | kata-containers (CBL-Mariner) rust (CBL-Mariner) |
Unknown | Unknown | Base: 5.4 Temporal: 5.4 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N |
3.2.0.azl0-1 1.72.0-2 |
None | ||
| CBL Mariner 2.0 x64 | kata-containers (CBL-Mariner) rust (CBL-Mariner) |
Unknown | Unknown | Base: 5.4 Temporal: 5.4 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N |
3.2.0.azl0-1 1.72.0-2 |
None | ||
| CVE ID | Acknowledgements |
| CVE-2023-22466 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-2253
MITRE NVD Issuing CNA: secalert@redhat.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:6.5/TemporalScore:6.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/07/2023     Information published. 1.0    06/08/2023     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-2253 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | moby-engine (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
25.0.3-1 | Unknown | None |
| Azure Linux 3.0 x64 | moby-engine (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
25.0.3-1 | Unknown | None |
| CBL Mariner 2.0 ARM | helm (CBL-Mariner) moby-cli (CBL-Mariner) moby-compose (CBL-Mariner) moby-engine (CBL-Mariner) |
Unknown | Unknown | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
3.13.2-1 20.10.27-1 2.17.3-5 |
None | ||
| CBL Mariner 2.0 x64 | helm (CBL-Mariner) moby-cli (CBL-Mariner) moby-compose (CBL-Mariner) moby-engine (CBL-Mariner) |
Unknown | Unknown | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
3.13.2-1 20.10.27-1 2.17.3-5 |
None | ||
| CVE ID | Acknowledgements |
| CVE-2023-2253 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-23914
MITRE NVD Issuing CNA: cve-assignments@hackerone.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:9.1/TemporalScore:9.1
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    02/24/2023     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-23914 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | cmake (CBL-Mariner) tensorflow (CBL-Mariner) |
Unknown | Unknown | Base: 9.1 Temporal: 9.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N |
3.21.4-10 2.16.1-1 |
None | ||
| Azure Linux 3.0 x64 | cmake (CBL-Mariner) tensorflow (CBL-Mariner) |
Unknown | Unknown | Base: 9.1 Temporal: 9.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N |
3.21.4-10 2.16.1-1 |
None | ||
| CBL Mariner 1.0 ARM | curl (CBL-Mariner) | Unknown | Unknown | None | Base: 9.1 Temporal: 9.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N |
7.88.1-1 | Unknown | None |
| CBL Mariner 1.0 x64 | curl (CBL-Mariner) | Unknown | Unknown | None | Base: 9.1 Temporal: 9.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N |
7.88.1-1 | Unknown | None |
| CBL Mariner 2.0 ARM | cmake (CBL-Mariner) curl (CBL-Mariner) mysql (CBL-Mariner) rust (CBL-Mariner) |
Unknown | Unknown | Base: 9.1 Temporal: 9.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N |
3.21.4-6 7.88.1-1 8.0.33-1 1.72.0-2 |
None | ||
| CBL Mariner 2.0 x64 | cmake (CBL-Mariner) curl (CBL-Mariner) mysql (CBL-Mariner) rust (CBL-Mariner) |
Unknown | Unknown | Base: 9.1 Temporal: 9.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N |
3.21.4-6 7.88.1-1 8.0.33-1 1.72.0-2 |
None | ||
| CVE ID | Acknowledgements |
| CVE-2023-23914 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-23915
MITRE NVD Issuing CNA: cve-assignments@hackerone.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:6.5/TemporalScore:6.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    02/24/2023     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-23915 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | cmake (CBL-Mariner) tensorflow (CBL-Mariner) |
Unknown | Unknown | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N |
3.28.2-1 2.16.1-1 |
None | ||
| Azure Linux 3.0 x64 | cmake (CBL-Mariner) tensorflow (CBL-Mariner) |
Unknown | Unknown | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N |
3.28.2-1 2.16.1-1 |
None | ||
| CBL Mariner 1.0 ARM | curl (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N |
7.88.1-1 | Unknown | None |
| CBL Mariner 1.0 x64 | curl (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N |
7.88.1-1 | Unknown | None |
| CBL Mariner 2.0 ARM | curl (CBL-Mariner) mysql (CBL-Mariner) rust (CBL-Mariner) |
Unknown | Unknown | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N |
7.88.1-1 8.0.33-1 1.72.0-2 |
None | ||
| CBL Mariner 2.0 x64 | curl (CBL-Mariner) mysql (CBL-Mariner) rust (CBL-Mariner) |
Unknown | Unknown | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N |
7.88.1-1 8.0.33-1 1.72.0-2 |
None | ||
| CVE ID | Acknowledgements |
| CVE-2023-23915 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-25663
MITRE NVD Issuing CNA: security-advisories@github.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-25663 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | tensorflow (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
2.16.1-1 | Unknown | None |
| Azure Linux 3.0 x64 | tensorflow (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
2.16.1-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-25663 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-25671
MITRE NVD Issuing CNA: security-advisories@github.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-25671 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | tensorflow (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
2.16.1-1 | Unknown | None |
| Azure Linux 3.0 x64 | tensorflow (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
2.16.1-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-25671 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-25801
MITRE NVD Issuing CNA: security-advisories@github.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:7.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-25801 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | tensorflow (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
2.16.1-1 | Unknown | None |
| Azure Linux 3.0 x64 | tensorflow (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
2.16.1-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-25801 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-26159
MITRE NVD Issuing CNA: report@snyk.io |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:6.1/TemporalScore:6.1
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    01/08/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-26159 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | python-tensorboard (CBL-Mariner) | Unknown | Unknown | None | Base: 6.1 Temporal: 6.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
2.16.2-1 | Unknown | None |
| Azure Linux 3.0 x64 | python-tensorboard (CBL-Mariner) | Unknown | Unknown | None | Base: 6.1 Temporal: 6.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
2.16.2-1 | Unknown | None |
| CBL Mariner 2.0 ARM | reaper (CBL-Mariner) | Unknown | Unknown | None | Base: 6.1 Temporal: 6.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
3.1.1-8 | Unknown | None |
| CBL Mariner 2.0 x64 | reaper (CBL-Mariner) | Unknown | Unknown | None | Base: 6.1 Temporal: 6.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
3.1.1-8 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-26159 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-26484
MITRE NVD Issuing CNA: security-advisories@github.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:8.2/TemporalScore:8.2
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-26484 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | kubevirt (CBL-Mariner) | Unknown | Unknown | None | Base: 8.2 Temporal: 8.2 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N |
1.2.0-1 | Unknown | None |
| Azure Linux 3.0 x64 | kubevirt (CBL-Mariner) | Unknown | Unknown | None | Base: 8.2 Temporal: 8.2 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N |
1.2.0-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-26484 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-2650
MITRE NVD Issuing CNA: openssl-security@openssl.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:6.5/TemporalScore:6.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/05/2023     Information published. 2.0    06/06/2023     Added rust to CBL-Mariner 2.0 3.0    10/11/2023     Added edk2 to CBL-Mariner 2.0 4.0    04/06/2024     Added hvloader to CBL-Mariner 2.0 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-2650 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | edk2 (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
20230301gitf80f052277c8-37 | Unknown | None |
| Azure Linux 3.0 x64 | edk2 (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
20230301gitf80f052277c8-37 | Unknown | None |
| CBL Mariner 1.0 ARM | openssl (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
1.1.1k-16 | Unknown | None |
| CBL Mariner 1.0 x64 | openssl (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
1.1.1k-16 | Unknown | None |
| CBL Mariner 2.0 ARM | edk2 (CBL-Mariner) hvloader (CBL-Mariner) openssl (CBL-Mariner) rust (CBL-Mariner) |
Unknown | Unknown | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
20230301gitf80f052277c8-37 1.0.1-3 1.1.1k-24 1.72.0-2 |
None | ||
| CBL Mariner 2.0 x64 | edk2 (CBL-Mariner) hvloader (CBL-Mariner) openssl (CBL-Mariner) rust (CBL-Mariner) |
Unknown | Unknown | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
20230301gitf80f052277c8-37 1.0.1-3 1.1.1k-24 1.72.0-2 |
None | ||
| CVE ID | Acknowledgements |
| CVE-2023-2650 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-27533
MITRE NVD Issuing CNA: support@hackerone.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:8.8/TemporalScore:8.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    04/01/2023     Information published. 1.0    04/04/2023     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-27533 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | cmake (CBL-Mariner) tensorflow (CBL-Mariner) |
Unknown | Unknown | Base: 8.8 Temporal: 8.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
3.28.2-1 2.16.1-1 |
None | ||
| Azure Linux 3.0 x64 | cmake (CBL-Mariner) tensorflow (CBL-Mariner) |
Unknown | Unknown | Base: 8.8 Temporal: 8.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
3.28.2-1 2.16.1-1 |
None | ||
| CBL Mariner 2.0 ARM | curl (CBL-Mariner) mysql (CBL-Mariner) rust (CBL-Mariner) |
Unknown | Unknown | Base: 8.8 Temporal: 8.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
8.0.1-1 8.0.34-1 1.72.0-2 |
None | ||
| CBL Mariner 2.0 x64 | curl (CBL-Mariner) mysql (CBL-Mariner) rust (CBL-Mariner) |
Unknown | Unknown | Base: 8.8 Temporal: 8.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
8.0.1-1 8.0.34-1 1.72.0-2 |
None | ||
| CVE ID | Acknowledgements |
| CVE-2023-27533 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-27534
MITRE NVD Issuing CNA: support@hackerone.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:8.8/TemporalScore:8.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    04/01/2023     Information published. 1.0    04/03/2023     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-27534 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | cmake (CBL-Mariner) tensorflow (CBL-Mariner) |
Unknown | Unknown | Base: 8.8 Temporal: 8.8 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
3.28.2-1 2.16.1-1 |
None | ||
| Azure Linux 3.0 x64 | cmake (CBL-Mariner) tensorflow (CBL-Mariner) |
Unknown | Unknown | Base: 8.8 Temporal: 8.8 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
3.28.2-1 2.16.1-1 |
None | ||
| CBL Mariner 2.0 ARM | curl (CBL-Mariner) mysql (CBL-Mariner) rust (CBL-Mariner) |
Unknown | Unknown | Base: 8.8 Temporal: 8.8 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
8.0.1-1 8.0.34-1 1.72.0-2 |
None | ||
| CBL Mariner 2.0 x64 | curl (CBL-Mariner) mysql (CBL-Mariner) rust (CBL-Mariner) |
Unknown | Unknown | Base: 8.8 Temporal: 8.8 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
8.0.1-1 8.0.34-1 1.72.0-2 |
None | ||
| CVE ID | Acknowledgements |
| CVE-2023-27534 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-27535
MITRE NVD Issuing CNA: support@hackerone.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5.9/TemporalScore:5.9
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    04/01/2023     Information published. 1.0    04/03/2023     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-27535 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | cmake (CBL-Mariner) tensorflow (CBL-Mariner) |
Unknown | Unknown | Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N |
3.28.2-1 2.16.1-1 |
None | ||
| Azure Linux 3.0 x64 | cmake (CBL-Mariner) tensorflow (CBL-Mariner) |
Unknown | Unknown | Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N |
3.28.2-1 2.16.1-1 |
None | ||
| CBL Mariner 2.0 ARM | curl (CBL-Mariner) mysql (CBL-Mariner) rust (CBL-Mariner) |
Unknown | Unknown | Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N |
8.0.1-1 8.0.34-1 1.72.0-2 |
None | ||
| CBL Mariner 2.0 x64 | curl (CBL-Mariner) mysql (CBL-Mariner) rust (CBL-Mariner) |
Unknown | Unknown | Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N |
8.0.1-1 8.0.34-1 1.72.0-2 |
None | ||
| CVE ID | Acknowledgements |
| CVE-2023-27535 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-27536
MITRE NVD Issuing CNA: support@hackerone.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5.9/TemporalScore:5.9
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    04/01/2023     Information published. 1.0    04/03/2023     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-27536 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | cmake (CBL-Mariner) tensorflow (CBL-Mariner) |
Unknown | Unknown | Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N |
3.28.2-1 2.16.1-1 |
None | ||
| Azure Linux 3.0 x64 | cmake (CBL-Mariner) tensorflow (CBL-Mariner) |
Unknown | Unknown | Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N |
3.28.2-1 2.16.1-1 |
None | ||
| CBL Mariner 2.0 ARM | curl (CBL-Mariner) mysql (CBL-Mariner) rust (CBL-Mariner) |
Unknown | Unknown | Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N |
8.0.1-1 8.0.34-1 1.72.0-2 |
None | ||
| CBL Mariner 2.0 x64 | curl (CBL-Mariner) mysql (CBL-Mariner) rust (CBL-Mariner) |
Unknown | Unknown | Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N |
8.0.1-1 8.0.34-1 1.72.0-2 |
None | ||
| CVE ID | Acknowledgements |
| CVE-2023-27536 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-2816
MITRE NVD Issuing CNA: security@hashicorp.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:6.5/TemporalScore:6.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    07/17/2023     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-2816 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | telegraf (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N |
1.29.4-1 | Unknown | None |
| Azure Linux 3.0 x64 | telegraf (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N |
1.29.4-1 | Unknown | None |
| CBL Mariner 2.0 ARM | telegraf (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N |
1.28.5-1 | Unknown | None |
| CBL Mariner 2.0 x64 | telegraf (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N |
1.28.5-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-2816 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-27579
MITRE NVD Issuing CNA: security-advisories@github.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-27579 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | tensorflow (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
2.16.1-1 | Unknown | None |
| Azure Linux 3.0 x64 | tensorflow (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
2.16.1-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-27579 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-28319
MITRE NVD Issuing CNA: support@hackerone.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    05/27/2023     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-28319 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | tensorflow (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
2.16.1-1 | Unknown | None |
| Azure Linux 3.0 x64 | tensorflow (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
2.16.1-1 | Unknown | None |
| CBL Mariner 2.0 ARM | curl (CBL-Mariner) mysql (CBL-Mariner) rust (CBL-Mariner) |
Unknown | Unknown | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
8.2.1-1 8.0.34-1 1.72.0-2 |
None | ||
| CBL Mariner 2.0 x64 | curl (CBL-Mariner) mysql (CBL-Mariner) rust (CBL-Mariner) |
Unknown | Unknown | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
8.2.1-1 8.0.34-1 1.72.0-2 |
None | ||
| CVE ID | Acknowledgements |
| CVE-2023-28319 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-28320
MITRE NVD Issuing CNA: support@hackerone.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5.9/TemporalScore:5.9
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    05/27/2023     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-28320 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | cmake (CBL-Mariner) tensorflow (CBL-Mariner) |
Unknown | Unknown | Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.28.2-1 2.16.1-1 |
None | ||
| Azure Linux 3.0 x64 | cmake (CBL-Mariner) tensorflow (CBL-Mariner) |
Unknown | Unknown | Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.28.2-1 2.16.1-1 |
None | ||
| CBL Mariner 2.0 ARM | curl (CBL-Mariner) mysql (CBL-Mariner) rust (CBL-Mariner) |
Unknown | Unknown | Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |
8.2.1-1 8.0.34-1 1.72.0-2 |
None | ||
| CBL Mariner 2.0 x64 | curl (CBL-Mariner) mysql (CBL-Mariner) rust (CBL-Mariner) |
Unknown | Unknown | Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |
8.2.1-1 8.0.34-1 1.72.0-2 |
None | ||
| CVE ID | Acknowledgements |
| CVE-2023-28320 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-28736
MITRE NVD Issuing CNA: secure@intel.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:6.7/TemporalScore:6.7
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-28736 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | mdadm (CBL-Mariner) | Unknown | Unknown | None | Base: 6.7 Temporal: 6.7 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
4.2-1 | Unknown | None |
| Azure Linux 3.0 x64 | mdadm (CBL-Mariner) | Unknown | Unknown | None | Base: 6.7 Temporal: 6.7 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
4.2-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-28736 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-28938
MITRE NVD Issuing CNA: secure@intel.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:4.4/TemporalScore:4.4
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-28938 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | mdadm (CBL-Mariner) | Unknown | Unknown | None | Base: 4.4 Temporal: 4.4 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H |
4.2-1 | Unknown | None |
| Azure Linux 3.0 x64 | mdadm (CBL-Mariner) | Unknown | Unknown | None | Base: 4.4 Temporal: 4.4 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H |
4.2-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-28938 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-2977
MITRE NVD Issuing CNA: secalert@redhat.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.1/TemporalScore:7.1
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/06/2023     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-2977 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | opensc (CBL-Mariner) | Unknown | Unknown | None | Base: 7.1 Temporal: 7.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H |
0.25.1-3 | Unknown | None |
| Azure Linux 3.0 x64 | opensc (CBL-Mariner) | Unknown | Unknown | None | Base: 7.1 Temporal: 7.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H |
0.25.1-3 | Unknown | None |
| CBL Mariner 1.0 ARM | opensc (CBL-Mariner) | Unknown | Unknown | None | Base: 7.1 Temporal: 7.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H |
0.22.0-2 | Unknown | None |
| CBL Mariner 1.0 x64 | opensc (CBL-Mariner) | Unknown | Unknown | None | Base: 7.1 Temporal: 7.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H |
0.22.0-2 | Unknown | None |
| CBL Mariner 2.0 ARM | opensc (CBL-Mariner) | Unknown | Unknown | None | Base: 7.1 Temporal: 7.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H |
0.22.0-3 | Unknown | None |
| CBL Mariner 2.0 x64 | opensc (CBL-Mariner) | Unknown | Unknown | None | Base: 7.1 Temporal: 7.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H |
0.22.0-3 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-2977 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-29941
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5.5/TemporalScore:5.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-29941 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | tensorflow (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
2.16.1-1 | Unknown | None |
| Azure Linux 3.0 x64 | tensorflow (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
2.16.1-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-29941 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-31130
MITRE NVD Issuing CNA: security-advisories@github.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:6.4/TemporalScore:6.4
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    05/30/2023     Information published. 2.0    05/31/2023     Added nodejs to CBL-Mariner 2.0 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-31130 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | grpc (CBL-Mariner) | Unknown | Unknown | None | Base: 6.4 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H |
1.62.0-2 | Unknown | None |
| Azure Linux 3.0 x64 | grpc (CBL-Mariner) | Unknown | Unknown | None | Base: 6.4 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H |
1.62.0-2 | Unknown | None |
| CBL Mariner 1.0 ARM | c-ares (CBL-Mariner) | Unknown | Unknown | None | Base: 6.4 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H |
1.19.1-1 | Unknown | None |
| CBL Mariner 1.0 x64 | c-ares (CBL-Mariner) | Unknown | Unknown | None | Base: 6.4 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H |
1.19.1-1 | Unknown | None |
| CBL Mariner 2.0 ARM | c-ares (CBL-Mariner) fluent-bit (CBL-Mariner) nodejs (CBL-Mariner) nodejs18 (CBL-Mariner) |
Unknown | Unknown | Base: 6.4 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H |
1.19.1-1 2.1.10-1 16.20.1-2 18.17.1-2 |
None | ||
| CBL Mariner 2.0 x64 | c-ares (CBL-Mariner) fluent-bit (CBL-Mariner) nodejs (CBL-Mariner) nodejs18 (CBL-Mariner) |
Unknown | Unknown | Base: 6.4 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H |
1.19.1-1 2.1.10-1 16.20.1-2 18.17.1-2 |
None | ||
| CVE ID | Acknowledgements |
| CVE-2023-31130 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-31147
MITRE NVD Issuing CNA: security-advisories@github.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:6.5/TemporalScore:6.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    05/29/2023     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-31147 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | grpc (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N |
1.62.0-2 | Unknown | None |
| Azure Linux 3.0 x64 | grpc (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N |
1.62.0-2 | Unknown | None |
| CBL Mariner 1.0 ARM | c-ares (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N |
1.19.1-1 | Unknown | None |
| CBL Mariner 1.0 x64 | c-ares (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N |
1.19.1-1 | Unknown | None |
| CBL Mariner 2.0 ARM | c-ares (CBL-Mariner) fluent-bit (CBL-Mariner) nodejs (CBL-Mariner) nodejs18 (CBL-Mariner) |
Unknown | Unknown | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N |
1.19.1-1 2.1.10-1 16.20.1-2 18.17.1-2 |
None | ||
| CBL Mariner 2.0 x64 | c-ares (CBL-Mariner) fluent-bit (CBL-Mariner) nodejs (CBL-Mariner) nodejs18 (CBL-Mariner) |
Unknown | Unknown | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N |
1.19.1-1 2.1.10-1 16.20.1-2 18.17.1-2 |
None | ||
| CVE ID | Acknowledgements |
| CVE-2023-31147 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-32067
MITRE NVD Issuing CNA: security-advisories@github.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    05/30/2023     Information published. 2.0    05/31/2023     Added nodejs to CBL-Mariner 2.0 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-32067 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | grpc (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
1.62.0-2 | Unknown | None |
| Azure Linux 3.0 x64 | grpc (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
1.62.0-2 | Unknown | None |
| CBL Mariner 1.0 ARM | c-ares (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
1.19.1-1 | Unknown | None |
| CBL Mariner 1.0 x64 | c-ares (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
1.19.1-1 | Unknown | None |
| CBL Mariner 2.0 ARM | c-ares (CBL-Mariner) fluent-bit (CBL-Mariner) nodejs (CBL-Mariner) nodejs18 (CBL-Mariner) |
Unknown | Unknown | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
1.19.1-1 2.1.10-1 16.20.1-2 18.17.1-2 |
None | ||
| CBL Mariner 2.0 x64 | c-ares (CBL-Mariner) fluent-bit (CBL-Mariner) nodejs (CBL-Mariner) nodejs18 (CBL-Mariner) |
Unknown | Unknown | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
1.19.1-1 2.1.10-1 16.20.1-2 18.17.1-2 |
None | ||
| CVE ID | Acknowledgements |
| CVE-2023-32067 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2023-32001
MITRE NVD Issuing CNA: support@hackerone.com |
CVE Title: Unknown
CVSS: None Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-32001 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | tensorflow (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
2.16.1-1 | Unknown | None |
| Azure Linux 3.0 x64 | tensorflow (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
2.16.1-1 | Unknown | None |
| CBL Mariner 2.0 ARM | curl (CBL-Mariner) rust (CBL-Mariner) |
Unknown | Unknown | Base: N/A Temporal: N/A Vector: N/A |
8.2.1-1 1.72.0-2 |
None | ||
| CBL Mariner 2.0 x64 | curl (CBL-Mariner) rust (CBL-Mariner) |
Unknown | Unknown | Base: N/A Temporal: N/A Vector: N/A |
8.2.1-1 1.72.0-2 |
None | ||
| CVE ID | Acknowledgements |
| CVE-2023-32001 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-32731
MITRE NVD Issuing CNA: cve-coordination@google.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-32731 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | grpc (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
1.62.0-2 | Unknown | None |
| Azure Linux 3.0 x64 | grpc (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
1.62.0-2 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-32731 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-32732
MITRE NVD Issuing CNA: cve-coordination@google.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5.3/TemporalScore:5.3
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-32732 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | grpc (CBL-Mariner) | Unknown | Unknown | None | Base: 5.3 Temporal: 5.3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
1.62.0-2 | Unknown | None |
| Azure Linux 3.0 x64 | grpc (CBL-Mariner) | Unknown | Unknown | None | Base: 5.3 Temporal: 5.3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
1.62.0-2 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-32732 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-3341
MITRE NVD Issuing CNA: security-officer@isc.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-3341 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | bind (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
9.19.21-1 | Unknown | None |
| Azure Linux 3.0 x64 | bind (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
9.19.21-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-3341 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-33953
MITRE NVD Issuing CNA: cve-coordination@google.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-33953 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | grpc (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
1.62.0-2 | Unknown | None |
| Azure Linux 3.0 x64 | grpc (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
1.62.0-2 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-33953 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-33460
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:6.5/TemporalScore:6.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/13/2023     Information published. 2.0    06/14/2023     Added yajl to CBL-Mariner 1.0 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-33460 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | yajl (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
2.1.0-19 | Unknown | None |
| Azure Linux 3.0 x64 | yajl (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
2.1.0-19 | Unknown | None |
| CBL Mariner 1.0 ARM | yajl (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
2.1.0-18 | Unknown | None |
| CBL Mariner 1.0 x64 | yajl (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
2.1.0-18 | Unknown | None |
| CBL Mariner 2.0 ARM | yajl (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
2.1.0-19 | Unknown | None |
| CBL Mariner 2.0 x64 | yajl (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
2.1.0-19 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-33460 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-40660
MITRE NVD Issuing CNA: secalert@redhat.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:6.6/TemporalScore:6.6
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-40660 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | opensc (CBL-Mariner) | Unknown | Unknown | None | Base: 6.6 Temporal: 6.6 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
0.25.1-3 | Unknown | None |
| Azure Linux 3.0 x64 | opensc (CBL-Mariner) | Unknown | Unknown | None | Base: 6.6 Temporal: 6.6 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
0.25.1-3 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-40660 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-3978
MITRE NVD Issuing CNA: security@golang.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:6.1/TemporalScore:6.1
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    08/08/2023     Information published. 2.0    01/18/2024     Added packer to CBL-Mariner 2.0 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-3978 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | kubevirt (CBL-Mariner) telegraf (CBL-Mariner) |
Unknown | Unknown | Base: 6.1 Temporal: 6.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
1.2.0-1 1.29.4-1 |
None | ||
| Azure Linux 3.0 x64 | kubevirt (CBL-Mariner) telegraf (CBL-Mariner) |
Unknown | Unknown | Base: 6.1 Temporal: 6.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
1.2.0-1 1.29.4-1 |
None | ||
| CBL Mariner 2.0 ARM | packer (CBL-Mariner) telegraf (CBL-Mariner) |
Unknown | Unknown | Base: 6.1 Temporal: 6.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
1.10.1-1 1.27.4-1 |
None | ||
| CBL Mariner 2.0 x64 | packer (CBL-Mariner) telegraf (CBL-Mariner) |
Unknown | Unknown | Base: 6.1 Temporal: 6.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
1.10.1-1 1.27.4-1 |
None | ||
| CVE ID | Acknowledgements |
| CVE-2023-3978 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-40661
MITRE NVD Issuing CNA: secalert@redhat.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:6.4/TemporalScore:6.4
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-40661 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | opensc (CBL-Mariner) | Unknown | Unknown | None | Base: 6.4 Temporal: 6.4 Vector: CVSS:3.1/AV:P/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H |
0.25.1-3 | Unknown | None |
| Azure Linux 3.0 x64 | opensc (CBL-Mariner) | Unknown | Unknown | None | Base: 6.4 Temporal: 6.4 Vector: CVSS:3.1/AV:P/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H |
0.25.1-3 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-40661 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-41051
MITRE NVD Issuing CNA: security-advisories@github.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:4.7/TemporalScore:4.7
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    09/05/2023     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-41051 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | kata-containers (CBL-Mariner) | Unknown | Unknown | None | Base: 4.7 Temporal: 4.7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H |
3.2.0.azl0-2 | Unknown | None |
| Azure Linux 3.0 x64 | kata-containers (CBL-Mariner) | Unknown | Unknown | None | Base: 4.7 Temporal: 4.7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H |
3.2.0.azl0-2 | Unknown | None |
| CBL Mariner 2.0 ARM | kata-containers (CBL-Mariner) | Unknown | Unknown | None | Base: 4.7 Temporal: 4.7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H |
3.2.0.azl0-1 | Unknown | None |
| CBL Mariner 2.0 x64 | kata-containers (CBL-Mariner) | Unknown | Unknown | None | Base: 4.7 Temporal: 4.7 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H |
3.2.0.azl0-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-41051 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-46136
MITRE NVD Issuing CNA: security-advisories@github.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    10/30/2023     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-46136 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | python-werkzeug (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.0.1-1 | Unknown | None |
| Azure Linux 3.0 x64 | python-werkzeug (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.0.1-1 | Unknown | None |
| CBL Mariner 2.0 ARM | python-werkzeug (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
2.3.7-1 | Unknown | None |
| CBL Mariner 2.0 x64 | python-werkzeug (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
2.3.7-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-46136 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-46129
MITRE NVD Issuing CNA: security-advisories@github.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    11/07/2023     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-46129 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | telegraf (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
1.29.4-1 | Unknown | None |
| Azure Linux 3.0 x64 | telegraf (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
1.29.4-1 | Unknown | None |
| CBL Mariner 2.0 ARM | telegraf (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
1.27.4-1 | Unknown | None |
| CBL Mariner 2.0 x64 | telegraf (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
1.27.4-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-46129 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-46752
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5.9/TemporalScore:5.9
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    10/30/2023     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-46752 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | frr (CBL-Mariner) | Unknown | Unknown | None | Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |
9.1-2 | Unknown | None |
| Azure Linux 3.0 x64 | frr (CBL-Mariner) | Unknown | Unknown | None | Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |
9.1-2 | Unknown | None |
| CBL Mariner 2.0 ARM | frr (CBL-Mariner) | Unknown | Unknown | None | Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |
8.5.3-3 | Unknown | None |
| CBL Mariner 2.0 x64 | frr (CBL-Mariner) | Unknown | Unknown | None | Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |
8.5.3-3 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-46752 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-47108
MITRE NVD Issuing CNA: security-advisories@github.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    11/14/2023     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-47108 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | docker-buildx (CBL-Mariner) docker-compose (CBL-Mariner) moby-containerd-cc (CBL-Mariner) |
Unknown | Unknown | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
0.14.0-1 2.27.0-1 1.7.7-3 |
None | ||
| Azure Linux 3.0 x64 | docker-buildx (CBL-Mariner) docker-compose (CBL-Mariner) moby-containerd-cc (CBL-Mariner) |
Unknown | Unknown | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
0.14.0-1 2.27.0-1 1.7.7-3 |
None | ||
| CBL Mariner 2.0 ARM | moby-containerd-cc (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
1.7.2-3 | Unknown | None |
| CBL Mariner 2.0 x64 | moby-containerd-cc (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
1.7.2-3 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-47108 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-4693
MITRE NVD Issuing CNA: secalert@redhat.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:4.6/TemporalScore:4.6
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    10/27/2023     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-4693 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | grub2 (CBL-Mariner) | Unknown | Unknown | None | Base: 4.6 Temporal: 4.6 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
2.06-18 | Unknown | None |
| Azure Linux 3.0 x64 | grub2 (CBL-Mariner) | Unknown | Unknown | None | Base: 4.6 Temporal: 4.6 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
2.06-18 | Unknown | None |
| CBL Mariner 2.0 ARM | grub2 (CBL-Mariner) | Unknown | Unknown | None | Base: 4.6 Temporal: 4.6 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
2.06-13 | Unknown | None |
| CBL Mariner 2.0 x64 | grub2 (CBL-Mariner) | Unknown | Unknown | None | Base: 4.6 Temporal: 4.6 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
2.06-13 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-4693 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-47235
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    11/07/2023     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-47235 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | frr (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
9.1-2 | Unknown | None |
| Azure Linux 3.0 x64 | frr (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
9.1-2 | Unknown | None |
| CBL Mariner 2.0 ARM | frr (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
8.5.3-4 | Unknown | None |
| CBL Mariner 2.0 x64 | frr (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
8.5.3-4 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-47235 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-47090
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:6.5/TemporalScore:6.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    11/06/2023     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-47090 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | telegraf (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
1.29.4-1 | Unknown | None |
| Azure Linux 3.0 x64 | telegraf (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
1.29.4-1 | Unknown | None |
| CBL Mariner 2.0 ARM | telegraf (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
1.28.5-1 | Unknown | None |
| CBL Mariner 2.0 x64 | telegraf (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
1.28.5-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-47090 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-47234
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    11/07/2023     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-47234 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | frr (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
9.1-2 | Unknown | None |
| Azure Linux 3.0 x64 | frr (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
9.1-2 | Unknown | None |
| CBL Mariner 2.0 ARM | frr (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
8.5.3-4 | Unknown | None |
| CBL Mariner 2.0 x64 | frr (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
8.5.3-4 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-47234 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-4807
MITRE NVD Issuing CNA: openssl-security@openssl.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:7.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    10/11/2023     Information published. 1.0    01/21/2024     Information published. 3.0    03/07/2024     Added kata-containers to CBL-Mariner 2.0 4.0    04/06/2024     Added hvloader to CBL-Mariner 2.0 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-4807 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | kata-containers-cc (CBL-Mariner) kata-containers (CBL-Mariner) |
Unknown | Unknown | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
3.2.0.azl1-1 | None | ||
| Azure Linux 3.0 x64 | kata-containers (CBL-Mariner) kata-containers-cc (CBL-Mariner) |
Unknown | Unknown | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
3.2.0.azl1-1 | None | ||
| CBL Mariner 2.0 ARM | hvloader (CBL-Mariner) kata-containers (CBL-Mariner) kata-containers-cc (CBL-Mariner) nodejs18 (CBL-Mariner) |
Unknown | Unknown | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.0.1-3 3.2.0.azl1-1 18.20.2-1 |
None | ||
| CBL Mariner 2.0 x64 | hvloader (CBL-Mariner) kata-containers (CBL-Mariner) kata-containers-cc (CBL-Mariner) nodejs18 (CBL-Mariner) |
Unknown | Unknown | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.0.1-3 3.2.0.azl1-1 18.20.2-1 |
None | ||
| CVE ID | Acknowledgements |
| CVE-2023-4807 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-48795
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5.9/TemporalScore:5.9
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    12/25/2023     Information published. 2.0    12/27/2023     Added moby-cli to CBL-Mariner 2.0 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-48795 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | docker-buildx (CBL-Mariner) kubernetes (CBL-Mariner) telegraf (CBL-Mariner) |
Unknown | Unknown | Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N |
0.14.0-1 1.30.1-1 1.29.4-1 |
None | ||
| Azure Linux 3.0 x64 | docker-buildx (CBL-Mariner) kubernetes (CBL-Mariner) telegraf (CBL-Mariner) |
Unknown | Unknown | Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N |
0.14.0-1 1.30.1-1 1.29.4-1 |
None | ||
| CBL Mariner 2.0 ARM | cert-manager (CBL-Mariner) erlang (CBL-Mariner) kubernetes (CBL-Mariner) libssh (CBL-Mariner) |
Unknown | Unknown | Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N |
1.11.2-7 25.2-2 1.28.4-4 0.10.6-1 |
None | ||
| CBL Mariner 2.0 x64 | cert-manager (CBL-Mariner) erlang (CBL-Mariner) kubernetes (CBL-Mariner) libssh (CBL-Mariner) |
Unknown | Unknown | Base: 5.9 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N |
1.11.2-7 25.2-2 1.28.4-4 0.10.6-1 |
None | ||
| CVE ID | Acknowledgements |
| CVE-2023-48795 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-49083
MITRE NVD Issuing CNA: security-advisories@github.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    12/04/2023     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-49083 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | python-cryptography (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
42.0.5-1 | Unknown | None |
| Azure Linux 3.0 x64 | python-cryptography (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
42.0.5-1 | Unknown | None |
| CBL Mariner 2.0 ARM | python-cryptography (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.3.2-6 | Unknown | None |
| CBL Mariner 2.0 x64 | python-cryptography (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.3.2-6 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-49083 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-49990
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5.3/TemporalScore:5.3
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-49990 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | espeak-ng (CBL-Mariner) | Unknown | Unknown | None | Base: 5.3 Temporal: 5.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L |
1.51.1-1 | Unknown | None |
| Azure Linux 3.0 x64 | espeak-ng (CBL-Mariner) | Unknown | Unknown | None | Base: 5.3 Temporal: 5.3 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L |
1.51.1-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-49990 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2023-50658
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: None Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    02/29/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-50658 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | telegraf (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.29.4-1 | Unknown | None |
| Azure Linux 3.0 x64 | telegraf (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.29.4-1 | Unknown | None |
| CBL Mariner 2.0 ARM | telegraf (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.29.4-1 | Unknown | None |
| CBL Mariner 2.0 x64 | telegraf (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.29.4-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-50658 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-50782
MITRE NVD Issuing CNA: secalert@redhat.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-50782 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | python-cryptography (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
42.0.5-1 | Unknown | None |
| Azure Linux 3.0 x64 | python-cryptography (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
42.0.5-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-50782 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-5115
MITRE NVD Issuing CNA: secalert@redhat.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:6.3/TemporalScore:6.3
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-5115 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | ansible (CBL-Mariner) | Unknown | Unknown | None | Base: 6.3 Temporal: 6.3 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N |
2.17.0-1 | Unknown | None |
| Azure Linux 3.0 x64 | ansible (CBL-Mariner) | Unknown | Unknown | None | Base: 6.3 Temporal: 6.3 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N |
2.17.0-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-5115 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-1151
MITRE NVD Issuing CNA: secalert@redhat.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5.5/TemporalScore:5.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-1151 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | hyperv-daemons (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
6.6.22.1-2 | Unknown | None |
| Azure Linux 3.0 x64 | hyperv-daemons (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
6.6.22.1-2 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-1151 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-51257
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:7.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-51257 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | jasper (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
4.2.1-1 | Unknown | None |
| Azure Linux 3.0 x64 | jasper (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
4.2.1-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-51257 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-0985
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:8/TemporalScore:8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    02/12/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-0985 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | postgresql (CBL-Mariner) | Unknown | Unknown | None | Base: 8 Temporal: 8 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H |
16.3-1 | Unknown | None |
| Azure Linux 3.0 x64 | postgresql (CBL-Mariner) | Unknown | Unknown | None | Base: 8 Temporal: 8 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H |
16.3-1 | Unknown | None |
| CBL Mariner 2.0 ARM | postgresql (CBL-Mariner) | Unknown | Unknown | None | Base: 8 Temporal: 8 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H |
14.11-1 | Unknown | None |
| CBL Mariner 2.0 x64 | postgresql (CBL-Mariner) | Unknown | Unknown | None | Base: 8 Temporal: 8 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H |
14.11-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-0985 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-51384
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5.5/TemporalScore:5.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    12/25/2023     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-51384 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | openssh (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
9.7p1-1 | Unknown | None |
| Azure Linux 3.0 x64 | openssh (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
9.7p1-1 | Unknown | None |
| CBL Mariner 2.0 ARM | openssh (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
8.9p1-3 | Unknown | None |
| CBL Mariner 2.0 x64 | openssh (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
8.9p1-3 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-51384 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-1086
MITRE NVD Issuing CNA: security@google.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:7.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    02/06/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-1086 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
6.6.22.1-2 | Unknown | None |
| Azure Linux 3.0 x64 | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
6.6.22.1-2 | Unknown | None |
| CBL Mariner 2.0 ARM | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
5.15.153.1-1 | Unknown | None |
| CBL Mariner 2.0 x64 | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
5.15.153.1-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-1086 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-1454
MITRE NVD Issuing CNA: secalert@redhat.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:3.4/TemporalScore:3.4
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-1454 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | opensc (CBL-Mariner) | Unknown | Unknown | None | Base: 3.4 Temporal: 3.4 Vector: CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N |
0.25.1-3 | Unknown | None |
| Azure Linux 3.0 x64 | opensc (CBL-Mariner) | Unknown | Unknown | None | Base: 3.4 Temporal: 3.4 Vector: CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N |
0.25.1-3 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-1454 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-51385
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:6.5/TemporalScore:6.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    12/25/2023     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-51385 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | openssh (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N |
9.7p1-1 | Unknown | None |
| Azure Linux 3.0 x64 | openssh (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N |
9.7p1-1 | Unknown | None |
| CBL Mariner 2.0 ARM | openssh (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N |
8.9p1-3 | Unknown | None |
| CBL Mariner 2.0 x64 | openssh (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N |
8.9p1-3 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-51385 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-51714
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:9.8/TemporalScore:9.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    01/21/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-51714 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | qtbase (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
6.6.2-1 | Unknown | None |
| Azure Linux 3.0 x64 | qtbase (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
6.6.2-1 | Unknown | None |
| CBL Mariner 2.0 ARM | qt5-qtbase (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
5.12.11-10 | Unknown | None |
| CBL Mariner 2.0 x64 | qt5-qtbase (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
5.12.11-10 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-51714 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-51764
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5.3/TemporalScore:5.3
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    01/06/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-51764 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | postfix (CBL-Mariner) | Unknown | Unknown | None | Base: 5.3 Temporal: 5.3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N |
3.9.0-1 | Unknown | None |
| Azure Linux 3.0 x64 | postfix (CBL-Mariner) | Unknown | Unknown | None | Base: 5.3 Temporal: 5.3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N |
3.9.0-1 | Unknown | None |
| CBL Mariner 2.0 ARM | postfix (CBL-Mariner) | Unknown | Unknown | None | Base: 5.3 Temporal: 5.3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N |
3.7.0-3 | Unknown | None |
| CBL Mariner 2.0 x64 | postfix (CBL-Mariner) | Unknown | Unknown | None | Base: 5.3 Temporal: 5.3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N |
3.7.0-3 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-51764 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2023-52071
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: None Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-52071 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | tensorflow (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
2.16.1-1 | Unknown | None |
| Azure Linux 3.0 x64 | tensorflow (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
2.16.1-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-52071 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2023-51779
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: None Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-51779 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | hyperv-daemons (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
6.6.29.1-1 | Unknown | None |
| Azure Linux 3.0 x64 | hyperv-daemons (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
6.6.29.1-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-51779 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-6111
MITRE NVD Issuing CNA: security@google.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:7.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    12/12/2023     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-6111 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
6.6.29.1-4 | Unknown | None |
| Azure Linux 3.0 x64 | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
6.6.29.1-4 | Unknown | None |
| CBL Mariner 2.0 ARM | hyperv-daemons (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
5.15.143.1-1 | Unknown | None |
| CBL Mariner 2.0 x64 | hyperv-daemons (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
5.15.143.1-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-6111 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-6129
MITRE NVD Issuing CNA: openssl-security@openssl.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:6.5/TemporalScore:6.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    01/16/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-6129 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | nodejs (CBL-Mariner) openssl (CBL-Mariner) |
Unknown | Unknown | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H |
20.14.0-1 3.3.0-1 |
None | ||
| Azure Linux 3.0 x64 | nodejs (CBL-Mariner) openssl (CBL-Mariner) |
Unknown | Unknown | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H |
20.14.0-1 3.3.0-1 |
None | ||
| CBL Mariner 2.0 ARM | nodejs18 (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H |
18.20.2-1 | Unknown | None |
| CBL Mariner 2.0 x64 | nodejs18 (CBL-Mariner) | Unknown | Unknown | None | Base: 6.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H |
18.20.2-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-6129 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-6516
MITRE NVD Issuing CNA: security-officer@isc.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    02/19/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-6516 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | bind (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
9.19.21-1 | Unknown | None |
| Azure Linux 3.0 x64 | bind (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
9.19.21-1 | Unknown | None |
| CBL Mariner 2.0 ARM | bind (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
9.16.48-1 | Unknown | None |
| CBL Mariner 2.0 x64 | bind (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
9.16.48-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-6516 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2023-6237
MITRE NVD Issuing CNA: openssl-security@openssl.org |
CVE Title: Unknown
CVSS: None Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    04/25/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-6237 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | nodejs (CBL-Mariner) openssl (CBL-Mariner) |
Unknown | Unknown | Base: N/A Temporal: N/A Vector: N/A |
20.14.0-1 3.3.0-1 |
None | ||
| Azure Linux 3.0 x64 | nodejs (CBL-Mariner) openssl (CBL-Mariner) |
Unknown | Unknown | Base: N/A Temporal: N/A Vector: N/A |
20.14.0-1 3.3.0-1 |
None | ||
| CBL Mariner 2.0 ARM | nodejs18 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
18.20.2-1 | Unknown | None |
| CBL Mariner 2.0 x64 | nodejs18 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
18.20.2-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-6237 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-2313
MITRE NVD Issuing CNA: security@ubuntu.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:2.8/TemporalScore:2.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-2313 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | bpftrace (CBL-Mariner) | Unknown | Unknown | None | Base: 2.8 Temporal: 2.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L |
0.20.3-1 | Unknown | None |
| Azure Linux 3.0 x64 | bpftrace (CBL-Mariner) | Unknown | Unknown | None | Base: 2.8 Temporal: 2.8 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L |
0.20.3-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-2313 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-23651
MITRE NVD Issuing CNA: security-advisories@github.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.4/TemporalScore:7.4
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    02/05/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-23651 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | moby-engine (CBL-Mariner) | Unknown | Unknown | None | Base: 7.4 Temporal: 7.4 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N |
25.0.3-1 | Unknown | None |
| Azure Linux 3.0 x64 | moby-engine (CBL-Mariner) | Unknown | Unknown | None | Base: 7.4 Temporal: 7.4 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N |
25.0.3-1 | Unknown | None |
| CBL Mariner 2.0 ARM | moby-engine (CBL-Mariner) | Unknown | Unknown | None | Base: 7.4 Temporal: 7.4 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N |
20.10.27-4 | Unknown | None |
| CBL Mariner 2.0 x64 | moby-engine (CBL-Mariner) | Unknown | Unknown | None | Base: 7.4 Temporal: 7.4 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N |
20.10.27-4 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-23651 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-23650
MITRE NVD Issuing CNA: security-advisories@github.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5.3/TemporalScore:5.3
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    02/05/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-23650 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | docker-buildx (CBL-Mariner) docker-compose (CBL-Mariner) moby-engine (CBL-Mariner) |
Unknown | Unknown | Base: 5.3 Temporal: 5.3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
0.14.0-1 2.27.0-1 25.0.3-1 |
None | ||
| Azure Linux 3.0 x64 | docker-buildx (CBL-Mariner) docker-compose (CBL-Mariner) moby-engine (CBL-Mariner) |
Unknown | Unknown | Base: 5.3 Temporal: 5.3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
0.14.0-1 2.27.0-1 25.0.3-1 |
None | ||
| CBL Mariner 2.0 ARM | moby-compose (CBL-Mariner) | Unknown | Unknown | None | Base: 5.3 Temporal: 5.3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
2.17.3-5 | Unknown | None |
| CBL Mariner 2.0 x64 | moby-compose (CBL-Mariner) | Unknown | Unknown | None | Base: 5.3 Temporal: 5.3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
2.17.3-5 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-23650 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-23653
MITRE NVD Issuing CNA: security-advisories@github.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:9.8/TemporalScore:9.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    02/05/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-23653 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | docker-buildx (CBL-Mariner) docker-compose (CBL-Mariner) moby-engine (CBL-Mariner) |
Unknown | Unknown | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
0.14.0-1 2.27.0-1 25.0.3-1 |
None | ||
| Azure Linux 3.0 x64 | docker-buildx (CBL-Mariner) docker-compose (CBL-Mariner) moby-engine (CBL-Mariner) |
Unknown | Unknown | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
0.14.0-1 2.27.0-1 25.0.3-1 |
None | ||
| CBL Mariner 2.0 ARM | moby-cli (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
24.0.9-1 | Unknown | None |
| CBL Mariner 2.0 x64 | moby-cli (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
24.0.9-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-23653 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2024-27038
MITRE NVD Issuing CNA: 416baaa9-dc9f-4396-8d5f-8c081fb06d67 |
CVE Title: Unknown
CVSS: None Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-27038 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | hyperv-daemons (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
6.6.29.1-1 | Unknown | None |
| Azure Linux 3.0 x64 | hyperv-daemons (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
6.6.29.1-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-27038 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-24258
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-24258 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | freeglut (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.4.0-1 | Unknown | None |
| Azure Linux 3.0 x64 | freeglut (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.4.0-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-24258 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-23652
MITRE NVD Issuing CNA: security-advisories@github.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:9.1/TemporalScore:9.1
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    02/05/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-23652 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | moby-engine (CBL-Mariner) | Unknown | Unknown | None | Base: 9.1 Temporal: 9.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H |
25.0.3-1 | Unknown | None |
| Azure Linux 3.0 x64 | moby-engine (CBL-Mariner) | Unknown | Unknown | None | Base: 9.1 Temporal: 9.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H |
25.0.3-1 | Unknown | None |
| CBL Mariner 2.0 ARM | moby-engine (CBL-Mariner) | Unknown | Unknown | None | Base: 9.1 Temporal: 9.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H |
20.10.27-4 | Unknown | None |
| CBL Mariner 2.0 x64 | moby-engine (CBL-Mariner) | Unknown | Unknown | None | Base: 9.1 Temporal: 9.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H |
20.10.27-4 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-23652 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2024-27061
MITRE NVD Issuing CNA: 416baaa9-dc9f-4396-8d5f-8c081fb06d67 |
CVE Title: Unknown
CVSS: None Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-27061 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | hyperv-daemons (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
6.6.29.1-1 | Unknown | None |
| Azure Linux 3.0 x64 | hyperv-daemons (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
6.6.29.1-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-27061 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2024-27051
MITRE NVD Issuing CNA: 416baaa9-dc9f-4396-8d5f-8c081fb06d67 |
CVE Title: Unknown
CVSS: None Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-27051 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | hyperv-daemons (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
6.6.29.1-1 | Unknown | None |
| Azure Linux 3.0 x64 | hyperv-daemons (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
6.6.29.1-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-27051 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-24259
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:7.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-24259 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | freeglut (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.4.0-1 | Unknown | None |
| Azure Linux 3.0 x64 | freeglut (CBL-Mariner) | Unknown | Unknown | None | Base: 7.5 Temporal: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.4.0-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-24259 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2024-27045
MITRE NVD Issuing CNA: 416baaa9-dc9f-4396-8d5f-8c081fb06d67 |
CVE Title: Unknown
CVSS: None Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-27045 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | hyperv-daemons (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
6.6.29.1-1 | Unknown | None |
| Azure Linux 3.0 x64 | hyperv-daemons (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
6.6.29.1-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-27045 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-24557
MITRE NVD Issuing CNA: security-advisories@github.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:7.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    02/12/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-24557 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | moby-engine (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
25.0.3-1 | Unknown | None |
| Azure Linux 3.0 x64 | moby-engine (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
25.0.3-1 | Unknown | None |
| CBL Mariner 2.0 ARM | moby-engine (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
24.0.9-1 | Unknown | None |
| CBL Mariner 2.0 x64 | moby-engine (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
24.0.9-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-24557 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2024-27037
MITRE NVD Issuing CNA: 416baaa9-dc9f-4396-8d5f-8c081fb06d67 |
CVE Title: Unknown
CVSS: None Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-27037 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | hyperv-daemons (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
6.6.29.1-1 | Unknown | None |
| Azure Linux 3.0 x64 | hyperv-daemons (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
6.6.29.1-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-27037 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2024-27058
MITRE NVD Issuing CNA: 416baaa9-dc9f-4396-8d5f-8c081fb06d67 |
CVE Title: Unknown
CVSS: None Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-27058 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | hyperv-daemons (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
6.6.29.1-1 | Unknown | None |
| Azure Linux 3.0 x64 | hyperv-daemons (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
6.6.29.1-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-27058 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2024-27078
MITRE NVD Issuing CNA: 416baaa9-dc9f-4396-8d5f-8c081fb06d67 |
CVE Title: Unknown
CVSS: None Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-27078 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | hyperv-daemons (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
6.6.29.1-1 | Unknown | None |
| Azure Linux 3.0 x64 | hyperv-daemons (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
6.6.29.1-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-27078 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-24758
MITRE NVD Issuing CNA: security-advisories@github.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:3.9/TemporalScore:3.9
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-24758 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | nodejs (CBL-Mariner) | Unknown | Unknown | None | Base: 3.9 Temporal: 3.9 Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L |
20.14.0-1 | Unknown | None |
| Azure Linux 3.0 x64 | nodejs (CBL-Mariner) | Unknown | Unknown | None | Base: 3.9 Temporal: 3.9 Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L |
20.14.0-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-24758 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2024-29158
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: None Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    05/14/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-29158 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4.3-1 | Unknown | None |
| Azure Linux 3.0 x64 | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4.3-1 | Unknown | None |
| CBL Mariner 2.0 ARM | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4-1 | Unknown | None |
| CBL Mariner 2.0 x64 | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-29158 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-24806
MITRE NVD Issuing CNA: security-advisories@github.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.3/TemporalScore:7.3
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    02/12/2024     Information published. 2.0    02/15/2024     Added libuv to CBL-Mariner 2.0 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-24806 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | cmake (CBL-Mariner) libuv (CBL-Mariner) nodejs (CBL-Mariner) |
Unknown | Unknown | Base: 7.3 Temporal: 7.3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L |
3.28.2-6 1.48.0-1 20.14.0-1 |
None | ||
| Azure Linux 3.0 x64 | cmake (CBL-Mariner) libuv (CBL-Mariner) nodejs (CBL-Mariner) |
Unknown | Unknown | Base: 7.3 Temporal: 7.3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L |
3.28.2-6 1.48.0-1 20.14.0-1 |
None | ||
| CBL Mariner 2.0 ARM | libuv (CBL-Mariner) nodejs18 (CBL-Mariner) |
Unknown | Unknown | Base: 7.3 Temporal: 7.3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L |
1.43.0-2 18.18.2-4 |
None | ||
| CBL Mariner 2.0 x64 | libuv (CBL-Mariner) nodejs18 (CBL-Mariner) |
Unknown | Unknown | Base: 7.3 Temporal: 7.3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L |
1.43.0-2 18.18.2-4 |
None | ||
| CVE ID | Acknowledgements |
| CVE-2024-24806 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2024-29159
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: None Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    05/14/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-29159 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4.3-1 | Unknown | None |
| Azure Linux 3.0 x64 | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4.3-1 | Unknown | None |
| CBL Mariner 2.0 ARM | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4-1 | Unknown | None |
| CBL Mariner 2.0 x64 | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-29159 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-26581
MITRE NVD Issuing CNA: cve@kernel.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:7.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    03/04/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-26581 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | hyperv-daemons (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
6.6.22.1-2 | Unknown | None |
| Azure Linux 3.0 x64 | hyperv-daemons (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
6.6.22.1-2 | Unknown | None |
| CBL Mariner 2.0 ARM | hyperv-daemons (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
5.15.153.1-1 | Unknown | None |
| CBL Mariner 2.0 x64 | hyperv-daemons (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
5.15.153.1-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-26581 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-25620
MITRE NVD Issuing CNA: security-advisories@github.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:6.4/TemporalScore:6.4
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-25620 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | helm (CBL-Mariner) | Unknown | Unknown | None | Base: 6.4 Temporal: 6.4 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N |
3.13.2-3 | Unknown | None |
| Azure Linux 3.0 x64 | helm (CBL-Mariner) | Unknown | Unknown | None | Base: 6.4 Temporal: 6.4 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N |
3.13.2-3 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-25620 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2024-26455
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: None Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    03/04/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-26455 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | fluent-bit (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
3.0.3-1 | Unknown | None |
| Azure Linux 3.0 x64 | fluent-bit (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
3.0.3-1 | Unknown | None |
| CBL Mariner 2.0 ARM | fluent-bit (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
2.2.3-1 | Unknown | None |
| CBL Mariner 2.0 x64 | fluent-bit (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
2.2.3-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-26455 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-26582
MITRE NVD Issuing CNA: 416baaa9-dc9f-4396-8d5f-8c081fb06d67 |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:7.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-26582 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
6.6.22.1-2 | Unknown | None |
| Azure Linux 3.0 x64 | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: 7.8 Temporal: 7.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
6.6.22.1-2 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-26582 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2024-29160
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: None Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    05/14/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-29160 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4.3-1 | Unknown | None |
| Azure Linux 3.0 x64 | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4.3-1 | Unknown | None |
| CBL Mariner 2.0 ARM | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4-1 | Unknown | None |
| CBL Mariner 2.0 x64 | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-29160 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-26583
MITRE NVD Issuing CNA: cve@kernel.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:4.7/TemporalScore:4.7
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    03/16/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-26583 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | hyperv-daemons (CBL-Mariner) kernel (CBL-Mariner) |
Unknown | Unknown | Base: 4.7 Temporal: 4.7 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H |
6.6.22.1-2 | None | ||
| Azure Linux 3.0 x64 | hyperv-daemons (CBL-Mariner) kernel (CBL-Mariner) |
Unknown | Unknown | Base: 4.7 Temporal: 4.7 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H |
6.6.22.1-2 | None | ||
| CBL Mariner 2.0 ARM | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: 4.7 Temporal: 4.7 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H |
5.15.158.2-1 | Unknown | None |
| CBL Mariner 2.0 x64 | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: 4.7 Temporal: 4.7 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H |
5.15.158.2-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-26583 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-26585
MITRE NVD Issuing CNA: cve@kernel.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:4.7/TemporalScore:4.7
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    03/15/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-26585 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: 4.7 Temporal: 4.7 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H |
6.6.22.1-2 | Unknown | None |
| Azure Linux 3.0 x64 | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: 4.7 Temporal: 4.7 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H |
6.6.22.1-2 | Unknown | None |
| CBL Mariner 2.0 ARM | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: 4.7 Temporal: 4.7 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H |
5.15.158.2-1 | Unknown | None |
| CBL Mariner 2.0 x64 | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: 4.7 Temporal: 4.7 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H |
5.15.158.2-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-26585 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-26901
MITRE NVD Issuing CNA: 416baaa9-dc9f-4396-8d5f-8c081fb06d67 |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5.5/TemporalScore:5.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-26901 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
6.6.29.1-3 | Unknown | None |
| Azure Linux 3.0 x64 | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
6.6.29.1-3 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-26901 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-26903
MITRE NVD Issuing CNA: 416baaa9-dc9f-4396-8d5f-8c081fb06d67 |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5.5/TemporalScore:5.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-26903 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
6.6.29.1-3 | Unknown | None |
| Azure Linux 3.0 x64 | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
6.6.29.1-3 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-26903 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-26902
MITRE NVD Issuing CNA: cve@kernel.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5.5/TemporalScore:5.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    04/30/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-26902 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
6.6.29.1-3 | Unknown | None |
| Azure Linux 3.0 x64 | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
6.6.29.1-3 | Unknown | None |
| CBL Mariner 2.0 ARM | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
5.15.158.2-1 | Unknown | None |
| CBL Mariner 2.0 x64 | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: 5.5 Temporal: 5.5 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
5.15.158.2-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-26902 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2024-26904
MITRE NVD Issuing CNA: cve@kernel.org |
CVE Title: Unknown
CVSS: None Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    04/30/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-26904 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
6.6.29.1-3 | Unknown | None |
| Azure Linux 3.0 x64 | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
6.6.29.1-3 | Unknown | None |
| CBL Mariner 2.0 ARM | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
5.15.158.2-1 | Unknown | None |
| CBL Mariner 2.0 x64 | kernel (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
5.15.158.2-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-26904 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2024-29165
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: None Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    05/14/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-29165 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4.3-1 | Unknown | None |
| Azure Linux 3.0 x64 | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4.3-1 | Unknown | None |
| CBL Mariner 2.0 ARM | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4-1 | Unknown | None |
| CBL Mariner 2.0 x64 | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-29165 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2024-29166
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: None Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    05/14/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-29166 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4.3-1 | Unknown | None |
| Azure Linux 3.0 x64 | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4.3-1 | Unknown | None |
| CBL Mariner 2.0 ARM | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4-1 | Unknown | None |
| CBL Mariner 2.0 x64 | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-29166 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-29195
MITRE NVD Issuing CNA: security-advisories@github.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:6/TemporalScore:6
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-29195 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | azure-iot-sdk-c (CBL-Mariner) | Unknown | Unknown | None | Base: 6 Temporal: 6 Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:L |
2024.03.04-1 | Unknown | None |
| Azure Linux 3.0 x64 | azure-iot-sdk-c (CBL-Mariner) | Unknown | Unknown | None | Base: 6 Temporal: 6 Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:L |
2024.03.04-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-29195 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2024-31852
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: None Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-31852 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | llvm (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
18.1.2-3 | Unknown | None |
| Azure Linux 3.0 x64 | llvm (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
18.1.2-3 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-31852 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2024-3177
MITRE NVD Issuing CNA: jordan@liggitt.net |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:2.7/TemporalScore:2.7
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-3177 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | kubernetes (CBL-Mariner) | Unknown | Unknown | None | Base: 2.7 Temporal: 2.7 Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N |
1.30.1-1 | Unknown | None |
| Azure Linux 3.0 x64 | kubernetes (CBL-Mariner) | Unknown | Unknown | None | Base: 2.7 Temporal: 2.7 Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N |
1.30.1-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-3177 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2024-30205
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: None Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-30205 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | emacs (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
29.3-1 | Unknown | None |
| Azure Linux 3.0 x64 | emacs (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
29.3-1 | Unknown | None |
| CBL Mariner 2.0 ARM | emacs (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
29.3-1 | Unknown | None |
| CBL Mariner 2.0 x64 | emacs (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
29.3-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-30205 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2024-31744
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: None Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-31744 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | jasper (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
4.2.1-2 | Unknown | None |
| Azure Linux 3.0 x64 | jasper (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
4.2.1-2 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-31744 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2024-32610
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: None Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    05/14/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-32610 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4.3-1 | Unknown | None |
| Azure Linux 3.0 x64 | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4.3-1 | Unknown | None |
| CBL Mariner 2.0 ARM | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4-1 | Unknown | None |
| CBL Mariner 2.0 x64 | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-32610 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2024-32609
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: None Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    05/14/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-32609 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4.3-1 | Unknown | None |
| Azure Linux 3.0 x64 | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4.3-1 | Unknown | None |
| CBL Mariner 2.0 ARM | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4-1 | Unknown | None |
| CBL Mariner 2.0 x64 | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-32609 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2024-32612
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: None Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    05/14/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-32612 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4.3-1 | Unknown | None |
| Azure Linux 3.0 x64 | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4.3-1 | Unknown | None |
| CBL Mariner 2.0 ARM | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4-1 | Unknown | None |
| CBL Mariner 2.0 x64 | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-32612 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2024-32614
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: None Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    05/14/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-32614 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4.3-1 | Unknown | None |
| Azure Linux 3.0 x64 | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4.3-1 | Unknown | None |
| CBL Mariner 2.0 ARM | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4-1 | Unknown | None |
| CBL Mariner 2.0 x64 | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-32614 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2024-32611
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: None Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    05/14/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-32611 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4.3-1 | Unknown | None |
| Azure Linux 3.0 x64 | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4.3-1 | Unknown | None |
| CBL Mariner 2.0 ARM | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4-1 | Unknown | None |
| CBL Mariner 2.0 x64 | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-32611 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact |
| CVE-2024-32613
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: None Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    05/14/2024     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-32613 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4.3-1 | Unknown | None |
| Azure Linux 3.0 x64 | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4.3-1 | Unknown | None |
| CBL Mariner 2.0 ARM | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4-1 | Unknown | None |
| CBL Mariner 2.0 x64 | hdf5 (CBL-Mariner) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
1.14.4-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2024-32613 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2017-16844
MITRE NVD Issuing CNA: cve@mitre.org |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:9.8/TemporalScore:9.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    12/16/2021     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2017-16844 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | procmail (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.22-53 | Unknown | None |
| Azure Linux 3.0 x64 | procmail (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.22-53 | Unknown | None |
| CBL Mariner 2.0 ARM | procmail (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.22-53 | Unknown | None |
| CBL Mariner 2.0 x64 | procmail (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.22-53 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2017-16844 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2022-0699
MITRE NVD Issuing CNA: security@elastic.co |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:9.8/TemporalScore:9.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    09/05/2023     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2022-0699 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | shapelib (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
1.5.0-3 | Unknown | None |
| Azure Linux 3.0 x64 | shapelib (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
1.5.0-3 | Unknown | None |
| CBL Mariner 2.0 ARM | shapelib (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
1.5.0-3 | Unknown | None |
| CBL Mariner 2.0 x64 | shapelib (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
1.5.0-3 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2022-0699 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2019-5544
MITRE NVD Issuing CNA: security@vmware.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:9.8/TemporalScore:9.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    01/19/2022     Information published. 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2019-5544 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | openslp (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
2.0.0-26 | Unknown | None |
| Azure Linux 3.0 x64 | openslp (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
2.0.0-26 | Unknown | None |
| CBL Mariner 2.0 ARM | openslp (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
2.0.0-26 | Unknown | None |
| CBL Mariner 2.0 x64 | openslp (CBL-Mariner) | Unknown | Unknown | None | Base: 9.8 Temporal: 9.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
2.0.0-26 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2019-5544 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-6780
MITRE NVD Issuing CNA: secalert@redhat.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:5.3/TemporalScore:5.3
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-6780 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | glibc (CBL-Mariner) | Unknown | Unknown | None | Base: 5.3 Temporal: 5.3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
2.38-6 | Unknown | None |
| Azure Linux 3.0 x64 | glibc (CBL-Mariner) | Unknown | Unknown | None | Base: 5.3 Temporal: 5.3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
2.38-6 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-6780 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||
| CVE-2023-4001
MITRE NVD Issuing CNA: secalert@redhat.com |
CVE Title: Unknown
CVSS: CVSS:3.1 Highest BaseScore:6.8/TemporalScore:6.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/30/2024     Information published. |
Unknown | Unknown | ||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2023-4001 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Linux 3.0 ARM | grub2 (CBL-Mariner) | Unknown | Unknown | None | Base: 6.8 Temporal: 6.8 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
2.12-1 | Unknown | None |
| Azure Linux 3.0 x64 | grub2 (CBL-Mariner) | Unknown | Unknown | None | Base: 6.8 Temporal: 6.8 Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
2.12-1 | Unknown | None |
| CVE ID | Acknowledgements |
| CVE-2023-4001 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||
| CVE-2024-5841
MITRE NVD Issuing CNA: Chrome |
CVE Title: Chromium: CVE-2024-5841 Use after free in V8
CVSS: None Executive Summary: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. How can I see the version of the browser?
Mitigations: None Workarounds: None Revision: 1.0    06/13/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-5841 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Microsoft Edge (Chromium-based) | Release Notes (Security Update) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
126.0.2592.56 | No | None |
| CVE ID | Acknowledgements |
| CVE-2024-5841 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||
| CVE-2024-5835
MITRE NVD Issuing CNA: Chrome |
CVE Title: Chromium: CVE-2024-5835 Heap buffer overflow in Tab Groups
CVSS: None Executive Summary: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. How can I see the version of the browser?
Mitigations: None Workarounds: None Revision: 1.0    06/13/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-5835 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Microsoft Edge (Chromium-based) | Release Notes (Security Update) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
126.0.2592.56 | No | None |
| CVE ID | Acknowledgements |
| CVE-2024-5835 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||
| CVE-2024-5837
MITRE NVD Issuing CNA: Chrome |
CVE Title: Chromium: CVE-2024-5837 Type Confusion in V8
CVSS: None Executive Summary: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. How can I see the version of the browser?
Mitigations: None Workarounds: None Revision: 1.0    06/13/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-5837 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Microsoft Edge (Chromium-based) | Release Notes (Security Update) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
126.0.2592.56 | No | None |
| CVE ID | Acknowledgements |
| CVE-2024-5837 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||
| CVE-2024-5844
MITRE NVD Issuing CNA: Chrome |
CVE Title: Chromium: CVE-2024-5844 Heap buffer overflow in Tab Strip
CVSS: None Executive Summary: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. How can I see the version of the browser?
Mitigations: None Workarounds: None Revision: 1.0    06/13/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-5844 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Microsoft Edge (Chromium-based) | Release Notes (Security Update) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
126.0.2592.56 | No | None |
| CVE ID | Acknowledgements |
| CVE-2024-5844 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||
| CVE-2024-5833
MITRE NVD Issuing CNA: Chrome |
CVE Title: Chromium: CVE-2024-5833 Type Confusion in V8
CVSS: None Executive Summary: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. How can I see the version of the browser?
Mitigations: None Workarounds: None Revision: 1.0    06/13/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-5833 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Microsoft Edge (Chromium-based) | Release Notes (Security Update) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
126.0.2592.56 | No | None |
| CVE ID | Acknowledgements |
| CVE-2024-5833 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||
| CVE-2024-5839
MITRE NVD Issuing CNA: Chrome |
CVE Title: Chromium: CVE-2024-5839 Inappropriate Implementation in Memory Allocator
CVSS: None Executive Summary: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. How can I see the version of the browser?
Mitigations: None Workarounds: None Revision: 1.0    06/13/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-5839 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Microsoft Edge (Chromium-based) | Release Notes (Security Update) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
126.0.2592.56 | No | None |
| CVE ID | Acknowledgements |
| CVE-2024-5839 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||
| CVE-2024-5836
MITRE NVD Issuing CNA: Chrome |
CVE Title: Chromium: CVE-2024-5836 Inappropriate Implementation in DevTools
CVSS: None Executive Summary: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. How can I see the version of the browser?
Mitigations: None Workarounds: None Revision: 1.0    06/13/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-5836 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Microsoft Edge (Chromium-based) | Release Notes (Security Update) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
126.0.2592.56 | No | None |
| CVE ID | Acknowledgements |
| CVE-2024-5836 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||
| CVE-2024-5834
MITRE NVD Issuing CNA: Chrome |
CVE Title: Chromium: CVE-2024-5834 Inappropriate implementation in Dawn
CVSS: None Executive Summary: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. How can I see the version of the browser?
Mitigations: None Workarounds: None Revision: 1.0    06/13/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-5834 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Microsoft Edge (Chromium-based) | Release Notes (Security Update) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
126.0.2592.56 | No | None |
| CVE ID | Acknowledgements |
| CVE-2024-5834 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||
| CVE-2024-5843
MITRE NVD Issuing CNA: Chrome |
CVE Title: Chromium: CVE-2024-5843 Inappropriate implementation in Downloads
CVSS: None Executive Summary: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. How can I see the version of the browser?
Mitigations: None Workarounds: None Revision: 1.0    06/13/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-5843 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Microsoft Edge (Chromium-based) | Release Notes (Security Update) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
126.0.2592.56 | No | None |
| CVE ID | Acknowledgements |
| CVE-2024-5843 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||
| CVE-2024-5831
MITRE NVD Issuing CNA: Chrome |
CVE Title: Chromium: CVE-2024-5831 Use after free in Dawn
CVSS: None Executive Summary: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. How can I see the version of the browser?
Mitigations: None Workarounds: None Revision: 1.0    06/13/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-5831 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Microsoft Edge (Chromium-based) | Release Notes (Security Update) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
126.0.2592.56 | No | None |
| CVE ID | Acknowledgements |
| CVE-2024-5831 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||
| CVE-2024-5840
MITRE NVD Issuing CNA: Chrome |
CVE Title: Chromium: CVE-2024-5840 Policy Bypass in CORS
CVSS: None Executive Summary: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. How can I see the version of the browser?
Mitigations: None Workarounds: None Revision: 1.0    06/13/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-5840 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Microsoft Edge (Chromium-based) | Release Notes (Security Update) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
126.0.2592.56 | No | None |
| CVE ID | Acknowledgements |
| CVE-2024-5840 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||
| CVE-2024-5842
MITRE NVD Issuing CNA: Chrome |
CVE Title: Chromium: CVE-2024-5842 Use after free in Browser UI
CVSS: None Executive Summary: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. How can I see the version of the browser?
Mitigations: None Workarounds: None Revision: 1.0    06/13/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-5842 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Microsoft Edge (Chromium-based) | Release Notes (Security Update) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
126.0.2592.56 | No | None |
| CVE ID | Acknowledgements |
| CVE-2024-5842 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||
| CVE-2024-5838
MITRE NVD Issuing CNA: Chrome |
CVE Title: Chromium: CVE-2024-5838 Type Confusion in V8
CVSS: None Executive Summary: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. How can I see the version of the browser?
Mitigations: None Workarounds: None Revision: 1.0    06/13/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-5838 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Microsoft Edge (Chromium-based) | Release Notes (Security Update) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
126.0.2592.56 | No | None |
| CVE ID | Acknowledgements |
| CVE-2024-5838 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||
| CVE-2024-5832
MITRE NVD Issuing CNA: Chrome |
CVE Title: Chromium: CVE-2024-5832 Use after free in Dawn
CVSS: None Executive Summary: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. How can I see the version of the browser?
Mitigations: None Workarounds: None Revision: 1.0    06/13/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-5832 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Microsoft Edge (Chromium-based) | Release Notes (Security Update) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
126.0.2592.56 | No | None |
| CVE ID | Acknowledgements |
| CVE-2024-5832 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||
| CVE-2024-5830
MITRE NVD Issuing CNA: Chrome |
CVE Title: Chromium: CVE-2024-5830 Type Confusion in V8
CVSS: None Executive Summary: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. How can I see the version of the browser?
Mitigations: None Workarounds: None Revision: 1.0    06/13/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-5830 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Microsoft Edge (Chromium-based) | Release Notes (Security Update) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
126.0.2592.56 | No | None |
| CVE ID | Acknowledgements |
| CVE-2024-5830 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2024-30069
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows Remote Access Connection Manager Information Disclosure Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:4.7/TemporalScore:4.1
Executive Summary: None FAQ: What type of information could be disclosed by this vulnerability? An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory. According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to take additional actions prior to exploitation to prepare the target environment. Mitigations: None Workarounds: None Revision: 1.0    06/11/2024     Information published. |
Important | Information Disclosure | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2024-30069 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 10 for 32-bit Systems | 5039225 (Security Update) | Important | Information Disclosure | 5037788 | Base: 4.7 Temporal: 4.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.10240.20680 | Yes | None |
| Windows 10 for x64-based Systems | 5039225 (Security Update) | Important | Information Disclosure | 5037788 | Base: 4.7 Temporal: 4.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.10240.20680 | Yes | None |
| Windows 10 Version 1607 for 32-bit Systems | 5039214 (Security Update) | Important | Information Disclosure | 5037763 | Base: 4.7 Temporal: 4.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5039214 (Security Update) | Important | Information Disclosure | 5037763 | Base: 4.7 Temporal: 4.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5039217 (Security Update) | Important | Information Disclosure | 5037765 | Base: 4.7 Temporal: 4.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows 10 Version 1809 for ARM64-based Systems | 5039217 (Security Update) | Important | Information Disclosure | 5037765 | Base: 4.7 Temporal: 4.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5039217 (Security Update) | Important | Information Disclosure | 5037765 | Base: 4.7 Temporal: 4.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5039211 (Security Update) | Important | Information Disclosure | 5037768 |
Base: 4.7 Temporal: 4.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19044.4529 |
Yes | 5039211 |
| Windows 10 Version 21H2 for ARM64-based Systems | 5039211 (Security Update) | Important | Information Disclosure | 5037768 |
Base: 4.7 Temporal: 4.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19044.4529 |
Yes | 5039211 |
| Windows 10 Version 21H2 for x64-based Systems | 5039211 (Security Update) | Important | Information Disclosure | 5037768 |
Base: 4.7 Temporal: 4.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19044.4529 |
Yes | 5039211 |
| Windows 10 Version 22H2 for 32-bit Systems | 5039211 (Security Update) | Important | Information Disclosure | 5037768 |
Base: 4.7 Temporal: 4.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19045.4529 |
Yes | 5039211 |
| Windows 10 Version 22H2 for ARM64-based Systems | 5039211 (Security Update) | Important | Information Disclosure | 5037768 |
Base: 4.7 Temporal: 4.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19045.4529 |
Yes | 5039211 |
| Windows 10 Version 22H2 for x64-based Systems | 5039211 (Security Update) | Important | Information Disclosure | 5037768 |
Base: 4.7 Temporal: 4.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19045.4529 |
Yes | 5039211 |
| Windows 11 version 21H2 for ARM64-based Systems | 5039213 (Security Update) | Important | Information Disclosure | 5037770 |
Base: 4.7 Temporal: 4.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22000.3019 |
Yes | 5039213 |
| Windows 11 version 21H2 for x64-based Systems | 5039213 (Security Update) | Important | Information Disclosure | 5037770 |
Base: 4.7 Temporal: 4.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22000.3019 |
Yes | 5039213 |
| Windows 11 Version 22H2 for ARM64-based Systems | 5039212 (Security Update) | Important | Information Disclosure | 5037771 | Base: 4.7 Temporal: 4.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22621.3737 | Yes | None |
| Windows 11 Version 22H2 for x64-based Systems | 5039212 (Security Update) | Important | Information Disclosure | 5037771 | Base: 4.7 Temporal: 4.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22621.3737 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5039212 (Security Update) | Important | Information Disclosure | 5037771 | Base: 4.7 Temporal: 4.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22631.3737 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5039212 (Security Update) | Important | Information Disclosure | 5037771 | Base: 4.7 Temporal: 4.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22631.3737 | Yes | None |
| Windows Server 2016 | 5039214 (Security Update) | Important | Information Disclosure | 5037763 | Base: 4.7 Temporal: 4.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows Server 2016 (Server Core installation) | 5039214 (Security Update) | Important | Information Disclosure | 5037763 | Base: 4.7 Temporal: 4.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows Server 2019 | 5039217 (Security Update) | Important | Information Disclosure | 5037765 | Base: 4.7 Temporal: 4.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5039217 (Security Update) | Important | Information Disclosure | 5037765 | Base: 4.7 Temporal: 4.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows Server 2022 | 5039227 (Security Update) 5039330 (Security Hotpatch Update) |
Important | Information Disclosure | 5037782 5037848 |
Base: 4.7 Temporal: 4.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.20348.2527 10.0.20348.2522 |
Yes | 5039227 |
| Windows Server 2022 (Server Core installation) | 5039227 (Security Update) 5039330 (Security Hotpatch Update) |
Important | Information Disclosure | 5037782 5037848 |
Base: 4.7 Temporal: 4.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.20348.2527 10.0.20348.2522 |
Yes | 5039227 |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5039236 (Security Update) | Important | Information Disclosure | 5037781 | Base: 4.7 Temporal: 4.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.25398.950 | Yes | None |
| CVE ID | Acknowledgements |
| CVE-2024-30069 | George Hughey with MSRC Vulnerabilities & Mitigations |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2024-30070
MITRE NVD Issuing CNA: Microsoft |
CVE Title: DHCP Server Service Denial of Service Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:6.7
Executive Summary: None FAQ: None Mitigations: The following mitigating factors might be helpful in your situation: Customers who have not configured their DHCP server as a failover are not affected by this vulnerability. Workarounds: None Revision: 1.0    06/11/2024     Information published. |
Important | Denial of Service | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2024-30070 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows Server 2012 | 5039260 (Monthly Rollup) | Important | Denial of Service | 5037778 | Base: 7.5 Temporal: 6.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C |
6.2.9200.24919 | Yes | None |
| Windows Server 2012 (Server Core installation) | 5039260 (Monthly Rollup) | Important | Denial of Service | 5037778 | Base: 7.5 Temporal: 6.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C |
6.2.9200.24919 | Yes | None |
| Windows Server 2012 R2 | 5039294 (Monthly Rollup) | Important | Denial of Service | 5037823 | Base: 7.5 Temporal: 6.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C |
6.3.9600.22023 | Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5039294 (Monthly Rollup) | Important | Denial of Service | 5037823 | Base: 7.5 Temporal: 6.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C |
6.3.9600.22023 | Yes | None |
| Windows Server 2016 | 5039214 (Security Update) | Important | Denial of Service | 5037763 | Base: 7.5 Temporal: 6.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows Server 2016 (Server Core installation) | 5039214 (Security Update) | Important | Denial of Service | 5037763 | Base: 7.5 Temporal: 6.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows Server 2019 | 5039217 (Security Update) | Important | Denial of Service | 5037765 | Base: 7.5 Temporal: 6.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5039217 (Security Update) | Important | Denial of Service | 5037765 | Base: 7.5 Temporal: 6.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| CVE ID | Acknowledgements |
| CVE-2024-30070 | YanZiShuang@BigCJTeam of cyberkl |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2024-30072
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Microsoft Event Trace Log File Parsing Remote Code Execution Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Executive Summary: None FAQ: According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do? An attacker must send the user a malicious file and convince them to open it. According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution? The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability. Mitigations: None Workarounds: None Revision: 1.0    06/11/2024     Information published. |
Important | Remote Code Execution | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2024-30072 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 11 Version 22H2 for ARM64-based Systems | 5039212 (Security Update) | Important | Remote Code Execution | 5037771 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22621.3737 | Yes | None |
| Windows 11 Version 22H2 for x64-based Systems | 5039212 (Security Update) | Important | Remote Code Execution | 5037771 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22621.3737 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5039212 (Security Update) | Important | Remote Code Execution | 5037771 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22631.3737 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5039212 (Security Update) | Important | Remote Code Execution | 5037771 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22631.3737 | Yes | None |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5039236 (Security Update) | Important | Remote Code Execution | 5037781 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.25398.950 | Yes | None |
| CVE ID | Acknowledgements |
| CVE-2024-30072 | Laith AL-Satari |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2024-30074
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows Link Layer Topology Discovery Protocol Remote Code Execution Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:8/TemporalScore:7.2
Executive Summary: None FAQ: According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability? Exploiting this vulnerability requires an attacker to be within proximity of the target system to send and receive radio transmissions. How could an attacker exploit the vulnerability? An unauthenticated attacker could send a malicious networking packet to an adjacent system where a user is running the Network Map functionality over a WiFi networking adapter, which could enable remote code execution. Mitigations: None Workarounds: None Revision: 1.0    06/11/2024     Information published. |
Important | Remote Code Execution | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2024-30074 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows Server 2008 for 32-bit Systems Service Pack 2 | 5039245 (Monthly Rollup) 5039266 (Security Only) |
Important | Remote Code Execution | 5037800 |
Base: 8 Temporal: 7.2 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
6.0.6003.22720 |
Yes | 5039245 5039266 |
| Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 5039245 (Monthly Rollup) 5039266 (Security Only) |
Important | Remote Code Execution | 5037800 |
Base: 8 Temporal: 7.2 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
6.0.6003.22720 |
Yes | 5039245 5039266 |
| Windows Server 2008 for x64-based Systems Service Pack 2 | 5039245 (Monthly Rollup) 5039266 (Security Only) |
Important | Remote Code Execution | 5037800 |
Base: 8 Temporal: 7.2 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
6.0.6003.22720 |
Yes | 5039245 5039266 |
| Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 5039245 (Monthly Rollup) 5039266 (Security Only) |
Important | Remote Code Execution | 5037800 |
Base: 8 Temporal: 7.2 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
6.0.6003.22720 |
Yes | 5039245 5039266 |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 5039289 (Monthly Rollup) 5039274 (Security Only) |
Important | Remote Code Execution | 5037780 |
Base: 8 Temporal: 7.2 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
6.1.7601.27170 | Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 5039289 (Monthly Rollup) 5039274 (Security Only) |
Important | Remote Code Execution | 5037780 |
Base: 8 Temporal: 7.2 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
6.1.7601.27170 | Yes | None |
| CVE ID | Acknowledgements |
| CVE-2024-30074 | Wei in Kunlun Lab with Cyber KunLun |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2024-30075
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows Link Layer Topology Discovery Protocol Remote Code Execution Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:8/TemporalScore:7
Executive Summary: None FAQ: According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability? Exploiting this vulnerability requires an attacker to be within proximity of the target system to send and receive radio transmissions. How could an attacker exploit the vulnerability? An unauthenticated attacker could send a malicious networking packet to an adjacent system where a user is running the Network Map functionality over a WiFi networking adapter, which could enable remote code execution. Mitigations: None Workarounds: None Revision: 1.0    06/11/2024     Information published. |
Important | Remote Code Execution | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2024-30075 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows Server 2008 for 32-bit Systems Service Pack 2 | 5039245 (Monthly Rollup) 5039266 (Security Only) |
Important | Remote Code Execution | 5037800 |
Base: 8 Temporal: 7 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.22720 |
Yes | 5039245 5039266 |
| Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 5039245 (Monthly Rollup) 5039266 (Security Only) |
Important | Remote Code Execution | 5037800 |
Base: 8 Temporal: 7 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.22720 |
Yes | 5039245 5039266 |
| Windows Server 2008 for x64-based Systems Service Pack 2 | 5039245 (Monthly Rollup) 5039266 (Security Only) |
Important | Remote Code Execution | 5037800 |
Base: 8 Temporal: 7 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.22720 |
Yes | 5039245 5039266 |
| Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 5039245 (Monthly Rollup) 5039266 (Security Only) |
Important | Remote Code Execution | 5037800 |
Base: 8 Temporal: 7 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.22720 |
Yes | 5039245 5039266 |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 5039289 (Monthly Rollup) 5039274 (Security Only) |
Important | Remote Code Execution | 5037780 |
Base: 8 Temporal: 7 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.1.7601.27170 | Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 5039289 (Monthly Rollup) 5039274 (Security Only) |
Important | Remote Code Execution | 5037780 |
Base: 8 Temporal: 7 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.1.7601.27170 | Yes | None |
| CVE ID | Acknowledgements |
| CVE-2024-30075 | Wei in Kunlun Lab with Cyber KunLun |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2024-30076
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows Container Manager Service Elevation of Privilege Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:6.8/TemporalScore:5.9
Executive Summary: None FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to win a race condition. What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. According to the CVSS metrics, successful exploitation of this vulnerability could lead to no loss of confidentiality (C:N) but have major impact on integrity (I:H) and on availability (A:H). What does that mean for this vulnerability? This vulnerability does not allow disclosure of any confidential information, but could allow an attacker to delete data that could include data that results in the service being unavailable. Mitigations: None Workarounds: None Revision: 1.0    06/11/2024     Information published. |
Important | Elevation of Privilege | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2024-30076 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 10 Version 1607 for x64-based Systems | 5039214 (Security Update) | Important | Elevation of Privilege | 5037763 | Base: 6.8 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 6.8 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows 10 Version 21H2 for x64-based Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 6.8 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.4529 |
Yes | 5039211 |
| Windows 10 Version 22H2 for x64-based Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 6.8 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.4529 |
Yes | 5039211 |
| Windows 11 version 21H2 for ARM64-based Systems | 5039213 (Security Update) | Important | Elevation of Privilege | 5037770 |
Base: 6.8 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C |
10.0.22000.3019 |
Yes | 5039213 |
| Windows 11 version 21H2 for x64-based Systems | 5039213 (Security Update) | Important | Elevation of Privilege | 5037770 |
Base: 6.8 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C |
10.0.22000.3019 |
Yes | 5039213 |
| Windows 11 Version 22H2 for ARM64-based Systems | 5039212 (Security Update) | Important | Elevation of Privilege | 5037771 | Base: 6.8 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C |
10.0.22621.3737 | Yes | None |
| Windows 11 Version 22H2 for x64-based Systems | 5039212 (Security Update) | Important | Elevation of Privilege | 5037771 | Base: 6.8 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C |
10.0.22621.3737 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5039212 (Security Update) | Important | Elevation of Privilege | 5037771 | Base: 6.8 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C |
10.0.22631.3737 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5039212 (Security Update) | Important | Elevation of Privilege | 5037771 | Base: 6.8 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C |
10.0.22631.3737 | Yes | None |
| Windows Server 2016 | 5039214 (Security Update) | Important | Elevation of Privilege | 5037763 | Base: 6.8 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows Server 2016 (Server Core installation) | 5039214 (Security Update) | Important | Elevation of Privilege | 5037763 | Base: 6.8 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows Server 2019 | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 6.8 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 6.8 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows Server 2022 | 5039227 (Security Update) 5039330 (Security Hotpatch Update) |
Important | Elevation of Privilege | 5037782 5037848 |
Base: 6.8 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C |
10.0.20348.2527 10.0.20348.2522 |
Yes | 5039227 |
| Windows Server 2022 (Server Core installation) | 5039227 (Security Update) 5039330 (Security Hotpatch Update) |
Important | Elevation of Privilege | 5037782 5037848 |
Base: 6.8 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C |
10.0.20348.2527 10.0.20348.2522 |
Yes | 5039227 |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5039236 (Security Update) | Important | Elevation of Privilege | 5037781 | Base: 6.8 Temporal: 5.9 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C |
10.0.25398.950 | Yes | None |
| CVE ID | Acknowledgements |
| CVE-2024-30076 | Jakub Štrom |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2024-30077
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows OLE Remote Code Execution Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:8/TemporalScore:7
Executive Summary: None FAQ: How could an attacker exploit this vulnerability? An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client. Mitigations: None Workarounds: None Revision: 1.0    06/11/2024     Information published. |
Important | Remote Code Execution | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2024-30077 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 10 for 32-bit Systems | 5039225 (Security Update) | Important | Remote Code Execution | 5037788 | Base: 8 Temporal: 7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.10240.20680 | Yes | None |
| Windows 10 for x64-based Systems | 5039225 (Security Update) | Important | Remote Code Execution | 5037788 | Base: 8 Temporal: 7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.10240.20680 | Yes | None |
| Windows 10 Version 1607 for 32-bit Systems | 5039214 (Security Update) | Important | Remote Code Execution | 5037763 | Base: 8 Temporal: 7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5039214 (Security Update) | Important | Remote Code Execution | 5037763 | Base: 8 Temporal: 7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5039217 (Security Update) | Important | Remote Code Execution | 5037765 | Base: 8 Temporal: 7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows 10 Version 1809 for ARM64-based Systems | 5039217 (Security Update) | Important | Remote Code Execution | 5037765 | Base: 8 Temporal: 7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5039217 (Security Update) | Important | Remote Code Execution | 5037765 | Base: 8 Temporal: 7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5039211 (Security Update) | Important | Remote Code Execution | 5037768 |
Base: 8 Temporal: 7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.4529 |
Yes | 5039211 |
| Windows 10 Version 21H2 for ARM64-based Systems | 5039211 (Security Update) | Important | Remote Code Execution | 5037768 |
Base: 8 Temporal: 7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.4529 |
Yes | 5039211 |
| Windows 10 Version 21H2 for x64-based Systems | 5039211 (Security Update) | Important | Remote Code Execution | 5037768 |
Base: 8 Temporal: 7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.4529 |
Yes | 5039211 |
| Windows 10 Version 22H2 for 32-bit Systems | 5039211 (Security Update) | Important | Remote Code Execution | 5037768 |
Base: 8 Temporal: 7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.4529 |
Yes | 5039211 |
| Windows 10 Version 22H2 for ARM64-based Systems | 5039211 (Security Update) | Important | Remote Code Execution | 5037768 |
Base: 8 Temporal: 7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.4529 |
Yes | 5039211 |
| Windows 10 Version 22H2 for x64-based Systems | 5039211 (Security Update) | Important | Remote Code Execution | 5037768 |
Base: 8 Temporal: 7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.4529 |
Yes | 5039211 |
| Windows 11 version 21H2 for ARM64-based Systems | 5039213 (Security Update) | Important | Remote Code Execution | 5037770 |
Base: 8 Temporal: 7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22000.3019 |
Yes | 5039213 |
| Windows 11 version 21H2 for x64-based Systems | 5039213 (Security Update) | Important | Remote Code Execution | 5037770 |
Base: 8 Temporal: 7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22000.3019 |
Yes | 5039213 |
| Windows 11 Version 22H2 for ARM64-based Systems | 5039212 (Security Update) | Important | Remote Code Execution | 5037771 | Base: 8 Temporal: 7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22621.3737 | Yes | None |
| Windows 11 Version 22H2 for x64-based Systems | 5039212 (Security Update) | Important | Remote Code Execution | 5037771 | Base: 8 Temporal: 7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22621.3737 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5039212 (Security Update) | Important | Remote Code Execution | 5037771 | Base: 8 Temporal: 7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22631.3737 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5039212 (Security Update) | Important | Remote Code Execution | 5037771 | Base: 8 Temporal: 7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22631.3737 | Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 | 5039245 (Monthly Rollup) 5039266 (Security Only) |
Important | Remote Code Execution | 5037800 |
Base: 8 Temporal: 7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.22720 |
Yes | 5039245 5039266 |
| Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 5039245 (Monthly Rollup) 5039266 (Security Only) |
Important | Remote Code Execution | 5037800 |
Base: 8 Temporal: 7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.22720 |
Yes | 5039245 5039266 |
| Windows Server 2008 for x64-based Systems Service Pack 2 | 5039245 (Monthly Rollup) 5039266 (Security Only) |
Important | Remote Code Execution | 5037800 |
Base: 8 Temporal: 7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.22720 |
Yes | 5039245 5039266 |
| Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 5039245 (Monthly Rollup) 5039266 (Security Only) |
Important | Remote Code Execution | 5037800 |
Base: 8 Temporal: 7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.22720 |
Yes | 5039245 5039266 |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 5039289 (Monthly Rollup) 5039274 (Security Only) |
Important | Remote Code Execution | 5037780 |
Base: 8 Temporal: 7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.1.7601.27170 | Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 5039289 (Monthly Rollup) 5039274 (Security Only) |
Important | Remote Code Execution | 5037780 |
Base: 8 Temporal: 7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.1.7601.27170 | Yes | None |
| Windows Server 2012 | 5039260 (Monthly Rollup) | Important | Remote Code Execution | 5037778 | Base: 8 Temporal: 7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.2.9200.24919 | Yes | None |
| Windows Server 2012 (Server Core installation) | 5039260 (Monthly Rollup) | Important | Remote Code Execution | 5037778 | Base: 8 Temporal: 7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.2.9200.24919 | Yes | None |
| Windows Server 2012 R2 | 5039294 (Monthly Rollup) | Important | Remote Code Execution | 5037823 | Base: 8 Temporal: 7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.3.9600.22023 | Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5039294 (Monthly Rollup) | Important | Remote Code Execution | 5037823 | Base: 8 Temporal: 7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.3.9600.22023 | Yes | None |
| Windows Server 2016 | 5039214 (Security Update) | Important | Remote Code Execution | 5037763 | Base: 8 Temporal: 7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows Server 2016 (Server Core installation) | 5039214 (Security Update) | Important | Remote Code Execution | 5037763 | Base: 8 Temporal: 7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows Server 2019 | 5039217 (Security Update) | Important | Remote Code Execution | 5037765 | Base: 8 Temporal: 7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5039217 (Security Update) | Important | Remote Code Execution | 5037765 | Base: 8 Temporal: 7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows Server 2022 | 5039227 (Security Update) 5039330 (Security Hotpatch Update) |
Important | Remote Code Execution | 5037782 5037848 |
Base: 8 Temporal: 7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.20348.2527 10.0.20348.2522 |
Yes | 5039227 |
| Windows Server 2022 (Server Core installation) | 5039227 (Security Update) 5039330 (Security Hotpatch Update) |
Important | Remote Code Execution | 5037782 5037848 |
Base: 8 Temporal: 7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.20348.2527 10.0.20348.2522 |
Yes | 5039227 |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5039236 (Security Update) | Important | Remote Code Execution | 5037781 | Base: 8 Temporal: 7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.25398.950 | Yes | None |
| CVE ID | Acknowledgements |
| CVE-2024-30077 | bee13oy with Cyber Kunlun Lab Anonymous |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2024-30078
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows Wi-Fi Driver Remote Code Execution Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Executive Summary: None FAQ: According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability? Exploiting this vulnerability requires an attacker to be within proximity of the target system to send and receive radio transmissions. How could an attacker exploit the vulnerability? An unauthenticated attacker could send a malicious networking packet to an adjacent system that is employing a Wi-Fi networking adapter, which could enable remote code execution. Mitigations: None Workarounds: None Revision: 1.0    06/11/2024     Information published. |
Important | Remote Code Execution | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2024-30078 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 10 for 32-bit Systems | 5039225 (Security Update) | Important | Remote Code Execution | 5037788 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.10240.20680 | Yes | None |
| Windows 10 for x64-based Systems | 5039225 (Security Update) | Important | Remote Code Execution | 5037788 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.10240.20680 | Yes | None |
| Windows 10 Version 1607 for 32-bit Systems | 5039214 (Security Update) | Important | Remote Code Execution | 5037763 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5039214 (Security Update) | Important | Remote Code Execution | 5037763 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5039217 (Security Update) | Important | Remote Code Execution | 5037765 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows 10 Version 1809 for ARM64-based Systems | 5039217 (Security Update) | Important | Remote Code Execution | 5037765 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5039217 (Security Update) | Important | Remote Code Execution | 5037765 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5039211 (Security Update) | Important | Remote Code Execution | 5037768 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.4529 |
Yes | 5039211 |
| Windows 10 Version 21H2 for ARM64-based Systems | 5039211 (Security Update) | Important | Remote Code Execution | 5037768 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.4529 |
Yes | 5039211 |
| Windows 10 Version 21H2 for x64-based Systems | 5039211 (Security Update) | Important | Remote Code Execution | 5037768 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.4529 |
Yes | 5039211 |
| Windows 10 Version 22H2 for 32-bit Systems | 5039211 (Security Update) | Important | Remote Code Execution | 5037768 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.4529 |
Yes | 5039211 |
| Windows 10 Version 22H2 for ARM64-based Systems | 5039211 (Security Update) | Important | Remote Code Execution | 5037768 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.4529 |
Yes | 5039211 |
| Windows 10 Version 22H2 for x64-based Systems | 5039211 (Security Update) | Important | Remote Code Execution | 5037768 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.4529 |
Yes | 5039211 |
| Windows 11 version 21H2 for ARM64-based Systems | 5039213 (Security Update) | Important | Remote Code Execution | 5037770 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22000.3019 |
Yes | 5039213 |
| Windows 11 version 21H2 for x64-based Systems | 5039213 (Security Update) | Important | Remote Code Execution | 5037770 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22000.3019 |
Yes | 5039213 |
| Windows 11 Version 22H2 for ARM64-based Systems | 5039212 (Security Update) | Important | Remote Code Execution | 5037771 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22621.3737 | Yes | None |
| Windows 11 Version 22H2 for x64-based Systems | 5039212 (Security Update) | Important | Remote Code Execution | 5037771 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22621.3737 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5039212 (Security Update) | Important | Remote Code Execution | 5037771 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22631.3737 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5039212 (Security Update) | Important | Remote Code Execution | 5037771 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22631.3737 | Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 | 5039245 (Monthly Rollup) 5039266 (Security Only) |
Important | Remote Code Execution | 5037800 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.22720 |
Yes | 5039245 5039266 |
| Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 5039245 (Monthly Rollup) 5039266 (Security Only) |
Important | Remote Code Execution | 5037800 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.22720 |
Yes | 5039245 5039266 |
| Windows Server 2008 for x64-based Systems Service Pack 2 | 5039245 (Monthly Rollup) 5039266 (Security Only) |
Important | Remote Code Execution | 5037800 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.22720 |
Yes | 5039245 5039266 |
| Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 5039245 (Monthly Rollup) 5039266 (Security Only) |
Important | Remote Code Execution | 5037800 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.22720 |
Yes | 5039245 5039266 |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 5039289 (Monthly Rollup) 5039274 (Security Only) |
Important | Remote Code Execution | 5037780 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.1.7601.27170 | Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 5039289 (Monthly Rollup) 5039274 (Security Only) |
Important | Remote Code Execution | 5037780 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.1.7601.27170 | Yes | None |
| Windows Server 2012 | 5039260 (Monthly Rollup) | Important | Remote Code Execution | 5037778 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.2.9200.24919 | Yes | None |
| Windows Server 2012 (Server Core installation) | 5039260 (Monthly Rollup) | Important | Remote Code Execution | 5037778 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.2.9200.24919 | Yes | None |
| Windows Server 2012 R2 | 5039294 (Monthly Rollup) | Important | Remote Code Execution | 5037823 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.3.9600.22023 | Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5039294 (Monthly Rollup) | Important | Remote Code Execution | 5037823 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.3.9600.22023 | Yes | None |
| Windows Server 2016 | 5039214 (Security Update) | Important | Remote Code Execution | 5037763 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows Server 2016 (Server Core installation) | 5039214 (Security Update) | Important | Remote Code Execution | 5037763 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows Server 2019 | 5039217 (Security Update) | Important | Remote Code Execution | 5037765 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5039217 (Security Update) | Important | Remote Code Execution | 5037765 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows Server 2022 | 5039227 (Security Update) 5039330 (Security Hotpatch Update) |
Important | Remote Code Execution | 5037782 5037848 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.20348.2527 10.0.20348.2522 |
Yes | 5039227 |
| Windows Server 2022 (Server Core installation) | 5039227 (Security Update) 5039330 (Security Hotpatch Update) |
Important | Remote Code Execution | 5037782 5037848 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.20348.2527 10.0.20348.2522 |
Yes | 5039227 |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5039236 (Security Update) | Important | Remote Code Execution | 5037781 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.25398.950 | Yes | None |
| CVE ID | Acknowledgements |
| CVE-2024-30078 | Wei in Kunlun Lab with Cyber KunLun |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2024-30080
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:9.8/TemporalScore:8.5
Executive Summary: None FAQ: How could an attacker exploit the vulnerability? To exploit this vulnerability, an attacker would need to send a series of specially crafted MSMQ packets in a rapid sequence over HTTP to a MSMQ server. This could result in remote code execution on the server side. Mitigations: Mitigation refers to a setting, common configuration, or general best-practice, existing in a default state, that could reduce the severity of exploitation of a vulnerability. The following mitigating factors might be helpful in your situation: The Windows message queuing service, which is a Windows component, needs to be enabled for a system to be exploitable by this vulnerability. This feature can be added via the Control Panel. To determine if your system is susceptible, check to see if the MSMQ HTTP-Support feature is enabled and if there is a service running named Message Queuing on the machine. Workarounds: None Revision: 1.0    06/11/2024     Information published. 1.1    06/13/2024     Corrected information in the FAQ and Mitigation sections as follows: To exploit the vulnerability, an attacker must send a series of specially crafted MSMQ packets in a rapid sequence over HTTP to a MSMQ server. To determine if your system is susceptible, check to see if the MSMQ HTTP-Support feature is enabled and if there is a service running named Message Queuing on the machine. These are informational changes only. |
Critical | Remote Code Execution | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation More Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2024-30080 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 10 for 32-bit Systems | 5039225 (Security Update) | Critical | Remote Code Execution | 5037788 | Base: 9.8 Temporal: 8.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.10240.20680 | Yes | None |
| Windows 10 for x64-based Systems | 5039225 (Security Update) | Critical | Remote Code Execution | 5037788 | Base: 9.8 Temporal: 8.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.10240.20680 | Yes | None |
| Windows 10 Version 1607 for 32-bit Systems | 5039214 (Security Update) | Critical | Remote Code Execution | 5037763 | Base: 9.8 Temporal: 8.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5039214 (Security Update) | Critical | Remote Code Execution | 5037763 | Base: 9.8 Temporal: 8.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5039217 (Security Update) | Critical | Remote Code Execution | 5037765 | Base: 9.8 Temporal: 8.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows 10 Version 1809 for ARM64-based Systems | 5039217 (Security Update) | Critical | Remote Code Execution | 5037765 | Base: 9.8 Temporal: 8.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5039217 (Security Update) | Critical | Remote Code Execution | 5037765 | Base: 9.8 Temporal: 8.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5039211 (Security Update) | Critical | Remote Code Execution | 5037768 |
Base: 9.8 Temporal: 8.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.4529 |
Yes | 5039211 |
| Windows 10 Version 21H2 for ARM64-based Systems | 5039211 (Security Update) | Critical | Remote Code Execution | 5037768 |
Base: 9.8 Temporal: 8.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.4529 |
Yes | 5039211 |
| Windows 10 Version 21H2 for x64-based Systems | 5039211 (Security Update) | Critical | Remote Code Execution | 5037768 |
Base: 9.8 Temporal: 8.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.4529 |
Yes | 5039211 |
| Windows 10 Version 22H2 for 32-bit Systems | 5039211 (Security Update) | Critical | Remote Code Execution | 5037768 |
Base: 9.8 Temporal: 8.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.4529 |
Yes | 5039211 |
| Windows 10 Version 22H2 for ARM64-based Systems | 5039211 (Security Update) | Critical | Remote Code Execution | 5037768 |
Base: 9.8 Temporal: 8.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.4529 |
Yes | 5039211 |
| Windows 10 Version 22H2 for x64-based Systems | 5039211 (Security Update) | Critical | Remote Code Execution | 5037768 |
Base: 9.8 Temporal: 8.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.4529 |
Yes | 5039211 |
| Windows 11 version 21H2 for ARM64-based Systems | 5039213 (Security Update) | Critical | Remote Code Execution | 5037770 |
Base: 9.8 Temporal: 8.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22000.3019 |
Yes | 5039213 |
| Windows 11 version 21H2 for x64-based Systems | 5039213 (Security Update) | Critical | Remote Code Execution | 5037770 |
Base: 9.8 Temporal: 8.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22000.3019 |
Yes | 5039213 |
| Windows 11 Version 22H2 for ARM64-based Systems | 5039212 (Security Update) | Critical | Remote Code Execution | 5037771 | Base: 9.8 Temporal: 8.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22621.3737 | Yes | None |
| Windows 11 Version 22H2 for x64-based Systems | 5039212 (Security Update) | Critical | Remote Code Execution | 5037771 | Base: 9.8 Temporal: 8.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22621.3737 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5039212 (Security Update) | Critical | Remote Code Execution | 5037771 | Base: 9.8 Temporal: 8.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22631.3737 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5039212 (Security Update) | Critical | Remote Code Execution | 5037771 | Base: 9.8 Temporal: 8.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22631.3737 | Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 | 5039245 (Monthly Rollup) 5039266 (Security Only) |
Critical | Remote Code Execution | 5037800 |
Base: 9.8 Temporal: 8.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.22720 |
Yes | 5039245 5039266 |
| Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 5039245 (Monthly Rollup) 5039266 (Security Only) |
Critical | Remote Code Execution | 5037800 |
Base: 9.8 Temporal: 8.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.22720 |
Yes | 5039245 5039266 |
| Windows Server 2008 for x64-based Systems Service Pack 2 | 5039245 (Monthly Rollup) 5039266 (Security Only) |
Critical | Remote Code Execution | 5037800 |
Base: 9.8 Temporal: 8.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.22720 |
Yes | 5039245 5039266 |
| Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 5039245 (Monthly Rollup) 5039266 (Security Only) |
Critical | Remote Code Execution | 5037800 |
Base: 9.8 Temporal: 8.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.22720 |
Yes | 5039245 5039266 |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 5039289 (Monthly Rollup) 5039274 (Security Only) |
Critical | Remote Code Execution | 5037780 |
Base: 9.8 Temporal: 8.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.1.7601.27170 | Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 5039289 (Monthly Rollup) 5039274 (Security Only) |
Critical | Remote Code Execution | 5037780 |
Base: 9.8 Temporal: 8.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.1.7601.27170 | Yes | None |
| Windows Server 2012 | 5039260 (Monthly Rollup) | Critical | Remote Code Execution | 5037778 | Base: 9.8 Temporal: 8.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.2.9200.24919 | Yes | None |
| Windows Server 2012 (Server Core installation) | 5039260 (Monthly Rollup) | Critical | Remote Code Execution | 5037778 | Base: 9.8 Temporal: 8.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.2.9200.24919 | Yes | None |
| Windows Server 2012 R2 | 5039294 (Monthly Rollup) | Critical | Remote Code Execution | 5037823 | Base: 9.8 Temporal: 8.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.3.9600.22023 | Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5039294 (Monthly Rollup) | Critical | Remote Code Execution | 5037823 | Base: 9.8 Temporal: 8.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.3.9600.22023 | Yes | None |
| Windows Server 2016 | 5039214 (Security Update) | Critical | Remote Code Execution | 5037763 | Base: 9.8 Temporal: 8.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows Server 2016 (Server Core installation) | 5039214 (Security Update) | Critical | Remote Code Execution | 5037763 | Base: 9.8 Temporal: 8.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows Server 2019 | 5039217 (Security Update) | Critical | Remote Code Execution | 5037765 | Base: 9.8 Temporal: 8.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5039217 (Security Update) | Critical | Remote Code Execution | 5037765 | Base: 9.8 Temporal: 8.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows Server 2022 | 5039227 (Security Update) 5039330 (Security Hotpatch Update) |
Critical | Remote Code Execution | 5037782 5037848 |
Base: 9.8 Temporal: 8.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.20348.2527 10.0.20348.2522 |
Yes | 5039227 |
| Windows Server 2022 (Server Core installation) | 5039227 (Security Update) 5039330 (Security Hotpatch Update) |
Critical | Remote Code Execution | 5037782 5037848 |
Base: 9.8 Temporal: 8.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.20348.2527 10.0.20348.2522 |
Yes | 5039227 |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5039236 (Security Update) | Critical | Remote Code Execution | 5037781 | Base: 9.8 Temporal: 8.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.25398.950 | Yes | None |
| CVE ID | Acknowledgements |
| CVE-2024-30080 | k0shl with Kunlun Lab |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2024-30082
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Win32k Elevation of Privilege Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Executive Summary: None FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Mitigations: None Workarounds: None Revision: 1.0    06/11/2024     Information published. |
Important | Elevation of Privilege | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation More Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2024-30082 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 10 for 32-bit Systems | 5039225 (Security Update) | Important | Elevation of Privilege | 5037788 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.10240.20680 | Yes | None |
| Windows 10 for x64-based Systems | 5039225 (Security Update) | Important | Elevation of Privilege | 5037788 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.10240.20680 | Yes | None |
| Windows 10 Version 1607 for 32-bit Systems | 5039214 (Security Update) | Important | Elevation of Privilege | 5037763 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5039214 (Security Update) | Important | Elevation of Privilege | 5037763 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows 10 Version 1809 for ARM64-based Systems | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.4529 |
Yes | 5039211 |
| Windows 10 Version 21H2 for ARM64-based Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.4529 |
Yes | 5039211 |
| Windows 10 Version 21H2 for x64-based Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.4529 |
Yes | 5039211 |
| Windows 10 Version 22H2 for 32-bit Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.4529 |
Yes | 5039211 |
| Windows 10 Version 22H2 for ARM64-based Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.4529 |
Yes | 5039211 |
| Windows 10 Version 22H2 for x64-based Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.4529 |
Yes | 5039211 |
| Windows 11 version 21H2 for ARM64-based Systems | 5039213 (Security Update) | Important | Elevation of Privilege | 5037770 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22000.3019 |
Yes | 5039213 |
| Windows 11 version 21H2 for x64-based Systems | 5039213 (Security Update) | Important | Elevation of Privilege | 5037770 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22000.3019 |
Yes | 5039213 |
| Windows 11 Version 22H2 for ARM64-based Systems | 5039212 (Security Update) | Important | Elevation of Privilege | 5037771 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22621.3737 | Yes | None |
| Windows 11 Version 22H2 for x64-based Systems | 5039212 (Security Update) | Important | Elevation of Privilege | 5037771 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22621.3737 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5039212 (Security Update) | Important | Elevation of Privilege | 5037771 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22631.3737 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5039212 (Security Update) | Important | Elevation of Privilege | 5037771 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22631.3737 | Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 | 5039245 (Monthly Rollup) 5039266 (Security Only) |
Important | Elevation of Privilege | 5037800 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.22720 |
Yes | 5039245 5039266 |
| Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 5039245 (Monthly Rollup) 5039266 (Security Only) |
Important | Elevation of Privilege | 5037800 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.22720 |
Yes | 5039245 5039266 |
| Windows Server 2008 for x64-based Systems Service Pack 2 | 5039245 (Monthly Rollup) 5039266 (Security Only) |
Important | Elevation of Privilege | 5037800 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.22720 |
Yes | 5039245 5039266 |
| Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 5039245 (Monthly Rollup) 5039266 (Security Only) |
Important | Elevation of Privilege | 5037800 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.22720 |
Yes | 5039245 5039266 |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 5039289 (Monthly Rollup) 5039274 (Security Only) |
Important | Elevation of Privilege | 5037780 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.1.7601.27170 | Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 5039289 (Monthly Rollup) 5039274 (Security Only) |
Important | Elevation of Privilege | 5037780 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.1.7601.27170 | Yes | None |
| Windows Server 2012 | 5039260 (Monthly Rollup) | Important | Elevation of Privilege | 5037778 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.2.9200.24919 | Yes | None |
| Windows Server 2012 (Server Core installation) | 5039260 (Monthly Rollup) | Important | Elevation of Privilege | 5037778 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.2.9200.24919 | Yes | None |
| Windows Server 2012 R2 | 5039294 (Monthly Rollup) | Important | Elevation of Privilege | 5037823 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.3.9600.22023 | Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5039294 (Monthly Rollup) | Important | Elevation of Privilege | 5037823 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.3.9600.22023 | Yes | None |
| Windows Server 2016 | 5039214 (Security Update) | Important | Elevation of Privilege | 5037763 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows Server 2016 (Server Core installation) | 5039214 (Security Update) | Important | Elevation of Privilege | 5037763 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows Server 2019 | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows Server 2022 | 5039227 (Security Update) 5039330 (Security Hotpatch Update) |
Important | Elevation of Privilege | 5037782 5037848 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.20348.2527 10.0.20348.2522 |
Yes | 5039227 |
| Windows Server 2022 (Server Core installation) | 5039227 (Security Update) 5039330 (Security Hotpatch Update) |
Important | Elevation of Privilege | 5037782 5037848 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.20348.2527 10.0.20348.2522 |
Yes | 5039227 |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5039236 (Security Update) | Important | Elevation of Privilege | 5037781 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.25398.950 | Yes | None |
| CVE ID | Acknowledgements |
| CVE-2024-30082 | Marcin Wiazowski with Trend Micro Zero Day Initiative |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2024-35250
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Executive Summary: None FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Mitigations: None Workarounds: None Revision: 1.0    06/11/2024     Information published. 1.1    06/11/2024     Updated acknowledgment. This is an informational change only. |
Important | Elevation of Privilege | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation More Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2024-35250 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 10 for 32-bit Systems | 5039225 (Security Update) | Important | Elevation of Privilege | 5037788 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.10240.20680 | Yes | None |
| Windows 10 for x64-based Systems | 5039225 (Security Update) | Important | Elevation of Privilege | 5037788 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.10240.20680 | Yes | None |
| Windows 10 Version 1607 for 32-bit Systems | 5039214 (Security Update) | Important | Elevation of Privilege | 5037763 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5039214 (Security Update) | Important | Elevation of Privilege | 5037763 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows 10 Version 1809 for ARM64-based Systems | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.4529 |
Yes | 5039211 |
| Windows 10 Version 21H2 for ARM64-based Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.4529 |
Yes | 5039211 |
| Windows 10 Version 21H2 for x64-based Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.4529 |
Yes | 5039211 |
| Windows 10 Version 22H2 for 32-bit Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.4529 |
Yes | 5039211 |
| Windows 10 Version 22H2 for ARM64-based Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.4529 |
Yes | 5039211 |
| Windows 10 Version 22H2 for x64-based Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.4529 |
Yes | 5039211 |
| Windows 11 version 21H2 for ARM64-based Systems | 5039213 (Security Update) | Important | Elevation of Privilege | 5037770 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22000.3019 |
Yes | 5039213 |
| Windows 11 version 21H2 for x64-based Systems | 5039213 (Security Update) | Important | Elevation of Privilege | 5037770 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22000.3019 |
Yes | 5039213 |
| Windows 11 Version 22H2 for ARM64-based Systems | 5039212 (Security Update) | Important | Elevation of Privilege | 5037771 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22621.3737 | Yes | None |
| Windows 11 Version 22H2 for x64-based Systems | 5039212 (Security Update) | Important | Elevation of Privilege | 5037771 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22621.3737 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5039212 (Security Update) | Important | Elevation of Privilege | 5037771 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22631.3737 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5039212 (Security Update) | Important | Elevation of Privilege | 5037771 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22631.3737 | Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 | 5039245 (Monthly Rollup) 5039266 (Security Only) |
Important | Elevation of Privilege | 5037800 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.22720 |
Yes | 5039245 5039266 |
| Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 5039245 (Monthly Rollup) 5039266 (Security Only) |
Important | Elevation of Privilege | 5037800 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.22720 |
Yes | 5039245 5039266 |
| Windows Server 2008 for x64-based Systems Service Pack 2 | 5039245 (Monthly Rollup) 5039266 (Security Only) |
Important | Elevation of Privilege | 5037800 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.22720 |
Yes | 5039245 5039266 |
| Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 5039245 (Monthly Rollup) 5039266 (Security Only) |
Important | Elevation of Privilege | 5037800 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.22720 |
Yes | 5039245 5039266 |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 5039289 (Monthly Rollup) 5039274 (Security Only) |
Important | Elevation of Privilege | 5037780 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.1.7601.27170 | Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 5039289 (Monthly Rollup) 5039274 (Security Only) |
Important | Elevation of Privilege | 5037780 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.1.7601.27170 | Yes | None |
| Windows Server 2012 | 5039260 (Monthly Rollup) | Important | Elevation of Privilege | 5037778 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.2.9200.24919 | Yes | None |
| Windows Server 2012 (Server Core installation) | 5039260 (Monthly Rollup) | Important | Elevation of Privilege | 5037778 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.2.9200.24919 | Yes | None |
| Windows Server 2012 R2 | 5039294 (Monthly Rollup) | Important | Elevation of Privilege | 5037823 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.3.9600.22023 | Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5039294 (Monthly Rollup) | Important | Elevation of Privilege | 5037823 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.3.9600.22023 | Yes | None |
| Windows Server 2016 | 5039214 (Security Update) | Important | Elevation of Privilege | 5037763 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows Server 2016 (Server Core installation) | 5039214 (Security Update) | Important | Elevation of Privilege | 5037763 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows Server 2019 | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows Server 2022 | 5039227 (Security Update) 5039330 (Security Hotpatch Update) |
Important | Elevation of Privilege | 5037782 5037848 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.20348.2527 10.0.20348.2522 |
Yes | 5039227 |
| Windows Server 2022 (Server Core installation) | 5039227 (Security Update) 5039330 (Security Hotpatch Update) |
Important | Elevation of Privilege | 5037782 5037848 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.20348.2527 10.0.20348.2522 |
Yes | 5039227 |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5039236 (Security Update) | Important | Elevation of Privilege | 5037781 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.25398.950 | Yes | None |
| CVE ID | Acknowledgements |
| CVE-2024-35250 | Angelboy (@scwuaptx) from DEVCORE Research Team
working with Trend Micro Zero Day Initiative Angelboy (@scwuaptx) with DEVCORE |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||||||||||||||
| CVE-2024-35255
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:5.5/TemporalScore:4.8
Executive Summary: None FAQ: What privileges could be gained by an attacker who successfully exploited the vulnerability? An attacker who successfully exploited the vulnerability could elevate privileges and read any file on the file system with SYSTEM access permissions. According to the CVSS metric, Integrity and Availability impact is None (I:N/A:N). What does that mean for this vulnerability? An attacker who successfully exploits this vulnerability can only obtain read access to the system files by exploiting this vulnerability. The attacker cannot perform write or delete operations on the files. Which credential types provided by the Azure Identity client library are affected? The vulnerability exists in the following credential types:
Which credential types provided by the Microsoft Authentication Libraries are affected? The vulnerability exists in the following credential types:
**What versions of Microsoft Authentication Libraries (MSAL) are affected by this vulnerability? **
Mitigations: None Workarounds: None Revision: 1.0    06/11/2024     Information published. 2.0    06/11/2024     In the Security Updates table, removed Microsoft Authentication Library (MSAL) for Python as it is not affected by CVE-2024-35255. 2.1    06/12/2024     Added an FAQ. This is an information change only. 2.2    06/13/2024     Corrected Fixed Build Number and Download links in the Security Updates table. This is an informational change only. |
Important | Elevation of Privilege | ||||||||||||||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2024-35255 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Identity Library for .NET | Release Notes (Security Update) | Important | Elevation of Privilege | None | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
1.11.4 | Maybe | None |
| Azure Identity Library for C++ | Release Notes (Security Update) | Important | Elevation of Privilege | None | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
1.8.0 | Maybe | None |
| Azure Identity Library for Go | Release Notes (Security Update) | Important | Elevation of Privilege | None | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
1.6.0 | Maybe | None |
| Azure Identity Library for Java | Release Notes (Security Update) | Important | Elevation of Privilege | None | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
1.12.2 | Maybe | None |
| Azure Identity Library for JavaScript | Release Notes (Security Update) | Important | Elevation of Privilege | None | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
4.2.1 | Maybe | None |
| Azure Identity Library for Python | Release Notes (Security Update) | Important | Elevation of Privilege | None | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
1.16.1 | Maybe | None |
| Microsoft Authentication Library (MSAL) for .NET | Release Notes (Security Update) | Important | Elevation of Privilege | None | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
4.61.3 | Maybe | None |
| Microsoft Authentication Library (MSAL) for Java | Release Notes (Security Update) | Important | Elevation of Privilege | None | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
1.15.1 | Maybe | None |
| Microsoft Authentication Library (MSAL) for Node.js | Release Notes (Security Update) | Important | Elevation of Privilege | None | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
2.9.2 | Maybe | None |
| CVE ID | Acknowledgements |
| CVE-2024-35255 | Vladimir Abramzon with Microsoft Eli Arbel with Microsoft |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2023-50868
MITRE NVD Issuing CNA: MITRE Corporation |
CVE Title: MITRE: CVE-2023-50868 NSEC3 closest encloser proof can exhaust CPU
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:6.5
Executive Summary: None FAQ: Why is the MITRE Corporation the assigning CNA (CVE Numbering Authority)? CVE-2023-50868 is regarding a vulnerability in DNSSEC validation where an attacker could exploit standard DNSSEC protocols intended for DNS integrity by using excessive resources on a resolver, causing a denial of service for legitimate users. MITRE created this CVE on their behalf. Please see CVE-2023-50868 for more information. Mitigations: None Workarounds: None Revision: 1.0    06/11/2024     Information published. |
Important | Denial of Service | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | Yes | No |
The following tables list the affected software details for the vulnerability.
| CVE-2023-50868 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows Server 2012 | 5039260 (Monthly Rollup) | Important | Denial of Service | 5037778 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
6.2.9200.24919 | Yes | None |
| Windows Server 2012 (Server Core installation) | 5039260 (Monthly Rollup) | Important | Denial of Service | 5037778 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
6.2.9200.24919 | Yes | None |
| Windows Server 2012 R2 | 5039294 (Monthly Rollup) | Important | Denial of Service | 5037823 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
6.3.9600.22023 | Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5039294 (Monthly Rollup) | Important | Denial of Service | 5037823 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
6.3.9600.22023 | Yes | None |
| Windows Server 2016 | 5039214 (Security Update) | Important | Denial of Service | 5037763 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows Server 2016 (Server Core installation) | 5039214 (Security Update) | Important | Denial of Service | 5037763 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows Server 2019 | 5039217 (Security Update) | Important | Denial of Service | 5037765 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5039217 (Security Update) | Important | Denial of Service | 5037765 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows Server 2022 | 5039227 (Security Update) 5039330 (Security Hotpatch Update) |
Important | Denial of Service | 5037782 5037848 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.20348.2527 10.0.20348.2522 |
Yes | 5039227 |
| Windows Server 2022 (Server Core installation) | 5039227 (Security Update) 5039330 (Security Hotpatch Update) |
Important | Denial of Service | 5037782 5037848 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.20348.2527 10.0.20348.2522 |
Yes | 5039227 |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5039236 (Security Update) | Important | Denial of Service | 5037781 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.25398.950 | Yes | None |
| CVE ID | Acknowledgements |
| CVE-2023-50868 | Petr Špaček from Internet Systems Consortium (ISC) |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2024-29187
MITRE NVD Issuing CNA: GitHub |
CVE Title: GitHub: CVE-2024-29187 WiX Burn-based bundles are vulnerable to binary hijack when run as SYSTEM
CVSS: CVSS:3.1 Highest BaseScore:7.3/TemporalScore:6.4
Executive Summary: None FAQ: According to the CVSS metric, user interaction is required (UI:R) and privileges required is low (PR:L). What does that mean for this vulnerability? An authorized attacker must send the user a malicious file and convince the user to open it. Why is this GitHub CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Wix Toolset software which is consumed by Microsoft Visual Studio. It is being documented in the Security Update Guide to announce that the latest builds of Visual Studio are no longer vulnerable. Please see Security Update Guide Supports CVEs Assigned by Industry Partners for more information. What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Mitigations: None Workarounds: None Revision: 1.0    06/11/2024     Information published. |
Important | Elevation of Privilege | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2024-29187 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) | Release Notes (Security Update) | Important | Elevation of Privilege | None | Base: 7.3 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
15.9.63 | Maybe | None |
| Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10) | Release Notes (Security Update) | Important | Elevation of Privilege | None | Base: 7.3 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
16.11.37 | Maybe | None |
| Microsoft Visual Studio 2022 version 17.10 | Release Notes (Security Update) | Important | Elevation of Privilege | None | Base: 7.3 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
17.10.2 | Maybe | None |
| Microsoft Visual Studio 2022 version 17.4 | Release Notes (Security Update) | Important | Elevation of Privilege | None | Base: 7.3 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
17.4.20 | Maybe | None |
| Microsoft Visual Studio 2022 version 17.6 | Release Notes (Security Update) | Important | Elevation of Privilege | None | Base: 7.3 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
17.6.16 | Maybe | None |
| Microsoft Visual Studio 2022 version 17.8 | Release Notes (Security Update) | Important | Elevation of Privilege | None | Base: 7.3 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
17.8.11 | Maybe | None |
| CVE ID | Acknowledgements |
| CVE-2024-29187 | Naceri with MSRC Vulnerabilities & Mitigations |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||
| CVE-2024-5493
MITRE NVD Issuing CNA: Chrome |
CVE Title: Chromium: CVE-2024-5493 Heap buffer overflow in WebRTC
CVSS: None Executive Summary: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. How can I see the version of the browser?
Mitigations: None Workarounds: None Revision: 1.0    06/03/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-5493 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Microsoft Edge (Chromium-based) | Release Notes (Security Update) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
125.0.2535.85 | No | None |
| CVE ID | Acknowledgements |
| CVE-2024-5493 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||
| CVE-2024-5498
MITRE NVD Issuing CNA: Chrome |
CVE Title: Chromium: CVE-2024-5498 Use after free in Presentation API
CVSS: None Executive Summary: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. How can I see the version of the browser?
Mitigations: None Workarounds: None Revision: 1.0    06/03/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-5498 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Microsoft Edge (Chromium-based) | Release Notes (Security Update) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
125.0.2535.85 | No | None |
| CVE ID | Acknowledgements |
| CVE-2024-5498 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||
| CVE-2024-5496
MITRE NVD Issuing CNA: Chrome |
CVE Title: Chromium: CVE-2024-5496 Use after free in Media Session
CVSS: None Executive Summary: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. How can I see the version of the browser?
Mitigations: None Workarounds: None Revision: 1.0    06/03/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-5496 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Microsoft Edge (Chromium-based) | Release Notes (Security Update) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
125.0.2535.85 | No | None |
| CVE ID | Acknowledgements |
| CVE-2024-5496 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||
| CVE-2024-5499
MITRE NVD Issuing CNA: Chrome |
CVE Title: Chromium: CVE-2024-5499 Out of bounds write in Streams API
CVSS: None Executive Summary: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. How can I see the version of the browser?
Mitigations: None Workarounds: None Revision: 1.0    06/03/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-5499 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Microsoft Edge (Chromium-based) | Release Notes (Security Update) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
125.0.2535.85 | No | None |
| CVE ID | Acknowledgements |
| CVE-2024-5499 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||
| CVE-2024-5494
MITRE NVD Issuing CNA: Chrome |
CVE Title: Chromium: CVE-2024-5494 Use after free in Dawn
CVSS: None Executive Summary: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. How can I see the version of the browser?
Mitigations: None Workarounds: None Revision: 1.0    06/03/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-5494 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Microsoft Edge (Chromium-based) | Release Notes (Security Update) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
125.0.2535.85 | No | None |
| CVE ID | Acknowledgements |
| CVE-2024-5494 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||
| CVE-2024-5497
MITRE NVD Issuing CNA: Chrome |
CVE Title: Chromium: CVE-2024-5497 Out of bounds memory access in Keyboard Inputs
CVSS: None Executive Summary: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. How can I see the version of the browser?
Mitigations: None Workarounds: None Revision: 1.0    06/03/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-5497 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Microsoft Edge (Chromium-based) | Release Notes (Security Update) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
125.0.2535.85 | No | None |
| CVE ID | Acknowledgements |
| CVE-2024-5497 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||
| CVE-2024-5495
MITRE NVD Issuing CNA: Chrome |
CVE Title: Chromium: CVE-2024-5495 Use after free in Dawn
CVSS: None Executive Summary: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. How can I see the version of the browser?
Mitigations: None Workarounds: None Revision: 1.0    06/03/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-5495 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Microsoft Edge (Chromium-based) | Release Notes (Security Update) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
125.0.2535.85 | No | None |
| CVE ID | Acknowledgements |
| CVE-2024-5495 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||
| CVE-2024-6103
MITRE NVD Issuing CNA: Chrome |
CVE Title: Chromium: CVE-2024-6103: Use after free in Dawn
CVSS: None Executive Summary: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ:
Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. How can I see the version of the browser?
Mitigations: None Workarounds: None Revision: 1.0    06/20/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-6103 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Microsoft Edge (Chromium-based) | Release Notes (Security Update) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
126.0.2592.68 | No | None |
| CVE ID | Acknowledgements |
| CVE-2024-6103 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||
| CVE-2024-6102
MITRE NVD Issuing CNA: Chrome |
CVE Title: Chromium: CVE-2024-6102: Out of bounds memory access in Dawn
CVSS: None Executive Summary: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ:
Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. How can I see the version of the browser?
Mitigations: None Workarounds: None Revision: 1.0    06/20/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-6102 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Microsoft Edge (Chromium-based) | Release Notes (Security Update) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
126.0.2592.68 | No | None |
| CVE ID | Acknowledgements |
| CVE-2024-6102 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||
| CVE-2024-6101
MITRE NVD Issuing CNA: Chrome |
CVE Title: Chromium: CVE-2024-6101: Inappropriate implementation in WebAssembly
CVSS: None Executive Summary: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ:
Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. How can I see the version of the browser?
Mitigations: None Workarounds: None Revision: 1.0    06/20/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-6101 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Microsoft Edge (Chromium-based) | Release Notes (Security Update) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
126.0.2592.68 | No | None |
| CVE ID | Acknowledgements |
| CVE-2024-6101 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||
| CVE-2024-6100
MITRE NVD Issuing CNA: Chrome |
CVE Title: Chromium: CVE-2024-6100 Type Confusion in V8
CVSS: None Executive Summary: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ:
Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. How can I see the version of the browser?
Mitigations: None Workarounds: None Revision: 1.0    06/20/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-6100 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Microsoft Edge (Chromium-based) | Release Notes (Security Update) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
126.0.2592.68 | No | None |
| CVE ID | Acknowledgements |
| CVE-2024-6100 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||||||||||
| CVE-2024-38093
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Microsoft Edge (Chromium-based) Spoofing Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:4.3/TemporalScore:3.8
Executive Summary: None FAQ: According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do? The user would have to click on a specially crafted URL to be compromised by the attacker.
According to the CVSS metric, successful exploitation of this vulnerability could lead to some loss of integrity (I:L)? What does that mean for this vulnerability? An attacker who successfully exploited this vulnerability could cover and spoof elements of the UI. The modified information is only visual. Mitigations: None Workarounds: None Revision: 1.0    06/20/2024     Information published. |
Moderate | Spoofing | ||||||||||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2024-38093 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Microsoft Edge (Chromium-based) | Release Notes (Security Update) | Moderate | Spoofing | None | Base: 4.3 Temporal: 3.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C |
126.0.2592.68 | No | None |
| CVE ID | Acknowledgements |
| CVE-2024-38093 | Renwa |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||||||||||
| CVE-2024-38082
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Microsoft Edge (Chromium-based) Spoofing Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:4.7/TemporalScore:4.1
Executive Summary: None FAQ: According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do? The user would have to click on a specially crafted URL to be compromised by the attacker. According to the CVSS metric, successful exploitation of this vulnerability could lead to some loss of integrity (I:L)? What does that mean for this vulnerability? The attacker is only able to modify the content of the vulnerable link to redirect the victim to a malicious site. According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability? The vulnerability is in the web server, but the malicious scripts execute in the victim’s browser on their machine.
Mitigations: None Workarounds: None Revision: 1.0    06/20/2024     Information published. 1.1    06/25/2024     Updated the severity of the products in the Security Updates table. This is an informational change only. 1.2    06/26/2024     Updated CWE value. This is an informational change only. |
Low | Spoofing | ||||||||||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2024-38082 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Microsoft Edge (Chromium-based) | Release Notes (Security Update) | Low | Spoofing | None | Base: 4.7 Temporal: 4.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N/E:U/RL:O/RC:C |
126.0.2592.68 | No | None |
| CVE ID | Acknowledgements |
| CVE-2024-38082 |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2024-35260
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Microsoft Dataverse Remote Code Execution Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:8/TemporalScore:7
Executive Summary: An authenticated attacker can exploit an Untrusted Search Path vulnerability in Microsoft Dataverse to execute code over a network. FAQ: Why are there no links to an update or instructions with steps that must be taken to protect from this vulnerability? This vulnerability has already been fully mitigated by Microsoft. There is no action for users of this service to take. This purpose of this CVE is to provide further transparency. Please see Toward greater transparency: Unveiling Cloud Service CVEs for more information. Mitigations: None Workarounds: None Revision: 1.0    06/27/2024     Information published. |
Critical | Remote Code Execution | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation More Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2024-35260 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Microsoft Power Platform | Critical | Remote Code Execution | None | Base: 8 Temporal: 7 Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C |
Unknown | Unknown | None | |
| CVE ID | Acknowledgements |
| CVE-2024-35260 | Erik Donker |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2024-29060
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Visual Studio Elevation of Privilege Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:6.7/TemporalScore:5.8
Executive Summary: None FAQ: According to the CVSS metric, user interaction is required (UI:R) and privileges required is Low (PR:L). What does that mean for this vulnerability? An authorized attacker could create a malicious extension and then wait for an authenticated user to create a new Visual Studio project that uses that extension. The result is that the attacker could gain the privileges of the user. What privileges could be gained by an attacker who successfully exploited the vulnerability? An attacker who successfully exploited this vulnerability could gain administrator privileges. According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to gather information specific to the environment and take additional actions prior to exploitation to prepare the target environment. According to the CVSS metric, successful exploitation of this vulnerability could lead to some loss of availability (A:L)? What does that mean for this vulnerability? The performance can be interrupted and/or reduced, but the attacker cannot fully deny service. Mitigations: None Workarounds: None Revision: 1.0    06/11/2024     Information published. |
Important | Elevation of Privilege | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2024-29060 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) | Release Notes (Security Update) | Important | Elevation of Privilege | None | Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L/E:U/RL:O/RC:C |
15.9.63 | Maybe | None |
| Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10) | Release Notes (Security Update) | Important | Elevation of Privilege | None | Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L/E:U/RL:O/RC:C |
16.11.37 | Maybe | None |
| Microsoft Visual Studio 2022 version 17.10 | Release Notes (Security Update) | Important | Elevation of Privilege | None | Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L/E:U/RL:O/RC:C |
17.10.2 | Maybe | None |
| Microsoft Visual Studio 2022 version 17.4 | Release Notes (Security Update) | Important | Elevation of Privilege | None | Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L/E:U/RL:O/RC:C |
17.4.20 | Maybe | None |
| Microsoft Visual Studio 2022 version 17.6 | Release Notes (Security Update) | Important | Elevation of Privilege | None | Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L/E:U/RL:O/RC:C |
17.6.16 | Maybe | None |
| Microsoft Visual Studio 2022 version 17.8 | Release Notes (Security Update) | Important | Elevation of Privilege | None | Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L/E:U/RL:O/RC:C |
17.8.11 | Maybe | None |
| CVE ID | Acknowledgements |
| CVE-2024-29060 | Filip Dragović |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2024-30062
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows Standards-Based Storage Management Service Remote Code Execution Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:7
Executive Summary: None FAQ: According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do? A user would have to restart the compromised service on the server to trigger the vulnerability. According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution? The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability. Mitigations: None Workarounds: None Revision: 1.0    06/11/2024     Information published. |
Important | Remote Code Execution | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2024-30062 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows Server 2012 R2 | 5039294 (Monthly Rollup) | Important | Remote Code Execution | 5037823 | Base: 7.8 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
6.3.9600.22023 | Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5039294 (Monthly Rollup) | Important | Remote Code Execution | 5037823 | Base: 7.8 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
6.3.9600.22023 | Yes | None |
| Windows Server 2016 | 5039214 (Security Update) | Important | Remote Code Execution | 5037763 | Base: 7.8 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows Server 2016 (Server Core installation) | 5039214 (Security Update) | Important | Remote Code Execution | 5037763 | Base: 7.8 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows Server 2019 | 5039217 (Security Update) | Important | Remote Code Execution | 5037765 | Base: 7.8 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5039217 (Security Update) | Important | Remote Code Execution | 5037765 | Base: 7.8 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows Server 2022 | 5039227 (Security Update) 5039330 (Security Hotpatch Update) |
Important | Remote Code Execution | 5037782 5037848 |
Base: 7.8 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.20348.2527 10.0.20348.2522 |
Yes | 5039227 |
| Windows Server 2022 (Server Core installation) | 5039227 (Security Update) 5039330 (Security Hotpatch Update) |
Important | Remote Code Execution | 5037782 5037848 |
Base: 7.8 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.20348.2527 10.0.20348.2522 |
Yes | 5039227 |
| CVE ID | Acknowledgements |
| CVE-2024-30062 | k0shl with Kunlun Lab |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2024-30063
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows Distributed File System (DFS) Remote Code Execution Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:6.7/TemporalScore:5.8
Executive Summary: None FAQ: According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do? This vulnerability could be triggered when a user connects a Windows client to a malicious server. According to the CVSS metric, privileges required is low (PR:L). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to have obtained low privileged code execution on target host first. According to the CVSS score, the attack vector is adjacent (AV:A). What does this mean for this vulnerability? Exploiting this vulnerability requires an attacker to be on the same network segment as the target system. Traffic associated with exploitation of this vulnerability is not routable and is bound to the data link layer of the OSI model. Mitigations: None Workarounds: None Revision: 1.0    06/11/2024     Information published. |
Important | Remote Code Execution | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2024-30063 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 10 for 32-bit Systems | 5039225 (Security Update) | Important | Remote Code Execution | 5037788 | Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C |
10.0.10240.20680 | Yes | None |
| Windows 10 for x64-based Systems | 5039225 (Security Update) | Important | Remote Code Execution | 5037788 | Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C |
10.0.10240.20680 | Yes | None |
| Windows 10 Version 1607 for 32-bit Systems | 5039214 (Security Update) | Important | Remote Code Execution | 5037763 | Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5039214 (Security Update) | Important | Remote Code Execution | 5037763 | Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5039217 (Security Update) | Important | Remote Code Execution | 5037765 | Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows 10 Version 1809 for ARM64-based Systems | 5039217 (Security Update) | Important | Remote Code Execution | 5037765 | Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5039217 (Security Update) | Important | Remote Code Execution | 5037765 | Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5039211 (Security Update) | Important | Remote Code Execution | 5037768 |
Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C |
10.0.19044.4529 |
Yes | 5039211 |
| Windows 10 Version 21H2 for ARM64-based Systems | 5039211 (Security Update) | Important | Remote Code Execution | 5037768 |
Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C |
10.0.19044.4529 |
Yes | 5039211 |
| Windows 10 Version 21H2 for x64-based Systems | 5039211 (Security Update) | Important | Remote Code Execution | 5037768 |
Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C |
10.0.19044.4529 |
Yes | 5039211 |
| Windows 10 Version 22H2 for 32-bit Systems | 5039211 (Security Update) | Important | Remote Code Execution | 5037768 |
Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C |
10.0.19045.4529 |
Yes | 5039211 |
| Windows 10 Version 22H2 for ARM64-based Systems | 5039211 (Security Update) | Important | Remote Code Execution | 5037768 |
Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C |
10.0.19045.4529 |
Yes | 5039211 |
| Windows 10 Version 22H2 for x64-based Systems | 5039211 (Security Update) | Important | Remote Code Execution | 5037768 |
Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C |
10.0.19045.4529 |
Yes | 5039211 |
| Windows 11 version 21H2 for ARM64-based Systems | 5039213 (Security Update) | Important | Remote Code Execution | 5037770 |
Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C |
10.0.22000.3019 |
Yes | 5039213 |
| Windows 11 version 21H2 for x64-based Systems | 5039213 (Security Update) | Important | Remote Code Execution | 5037770 |
Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C |
10.0.22000.3019 |
Yes | 5039213 |
| Windows 11 Version 22H2 for ARM64-based Systems | 5039212 (Security Update) | Important | Remote Code Execution | 5037771 | Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C |
10.0.22621.3737 | Yes | None |
| Windows 11 Version 22H2 for x64-based Systems | 5039212 (Security Update) | Important | Remote Code Execution | 5037771 | Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C |
10.0.22621.3737 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5039212 (Security Update) | Important | Remote Code Execution | 5037771 | Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C |
10.0.22631.3737 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5039212 (Security Update) | Important | Remote Code Execution | 5037771 | Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C |
10.0.22631.3737 | Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 | 5039245 (Monthly Rollup) 5039266 (Security Only) |
Important | Remote Code Execution | 5037800 |
Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C |
6.0.6003.22720 |
Yes | 5039245 5039266 |
| Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 5039245 (Monthly Rollup) 5039266 (Security Only) |
Important | Remote Code Execution | 5037800 |
Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C |
6.0.6003.22720 |
Yes | 5039245 5039266 |
| Windows Server 2008 for x64-based Systems Service Pack 2 | 5039245 (Monthly Rollup) 5039266 (Security Only) |
Important | Remote Code Execution | 5037800 |
Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C |
6.0.6003.22720 |
Yes | 5039245 5039266 |
| Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 5039245 (Monthly Rollup) 5039266 (Security Only) |
Important | Remote Code Execution | 5037800 |
Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C |
6.0.6003.22720 |
Yes | 5039245 5039266 |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 5039289 (Monthly Rollup) 5039274 (Security Only) |
Important | Remote Code Execution | 5037780 |
Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C |
6.1.7601.27170 | Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 5039289 (Monthly Rollup) 5039274 (Security Only) |
Important | Remote Code Execution | 5037780 |
Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C |
6.1.7601.27170 | Yes | None |
| Windows Server 2012 | 5039260 (Monthly Rollup) | Important | Remote Code Execution | 5037778 | Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C |
6.2.9200.24919 | Yes | None |
| Windows Server 2012 (Server Core installation) | 5039260 (Monthly Rollup) | Important | Remote Code Execution | 5037778 | Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C |
6.2.9200.24919 | Yes | None |
| Windows Server 2012 R2 | 5039294 (Monthly Rollup) | Important | Remote Code Execution | 5037823 | Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C |
6.3.9600.22023 | Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5039294 (Monthly Rollup) | Important | Remote Code Execution | 5037823 | Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C |
6.3.9600.22023 | Yes | None |
| Windows Server 2016 | 5039214 (Security Update) | Important | Remote Code Execution | 5037763 | Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows Server 2016 (Server Core installation) | 5039214 (Security Update) | Important | Remote Code Execution | 5037763 | Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows Server 2019 | 5039217 (Security Update) | Important | Remote Code Execution | 5037765 | Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5039217 (Security Update) | Important | Remote Code Execution | 5037765 | Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows Server 2022 | 5039227 (Security Update) 5039330 (Security Hotpatch Update) |
Important | Remote Code Execution | 5037782 5037848 |
Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C |
10.0.20348.2527 10.0.20348.2522 |
Yes | 5039227 |
| Windows Server 2022 (Server Core installation) | 5039227 (Security Update) 5039330 (Security Hotpatch Update) |
Important | Remote Code Execution | 5037782 5037848 |
Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C |
10.0.20348.2527 10.0.20348.2522 |
Yes | 5039227 |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5039236 (Security Update) | Important | Remote Code Execution | 5037781 | Base: 6.7 Temporal: 5.8 Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C |
10.0.25398.950 | Yes | None |
| CVE ID | Acknowledgements |
| CVE-2024-30063 | Anonymous |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2024-30064
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows Kernel Elevation of Privilege Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Executive Summary: None FAQ: According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability? This vulnerability could lead to a contained execution environment escape. Please refer to AppContainer Isolation for more information. How could an attacker exploit this vulnerability? To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. What privileges could an attacker gain with a successful exploitation? An attacker who successfully exploited this vulnerability could gain unauthorized access to system resources, potentially allowing them to perform actions with the same privileges as the compromised process. This could lead to further system compromise and unauthorized actions within the network. Mitigations: None Workarounds: None Revision: 1.0    06/11/2024     Information published. |
Important | Elevation of Privilege | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2024-30064 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows Server 2022 | 5039227 (Security Update) 5039330 (Security Hotpatch Update) |
Important | Elevation of Privilege | 5037782 5037848 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.20348.2527 10.0.20348.2522 |
Yes | 5039227 |
| Windows Server 2022 (Server Core installation) | 5039227 (Security Update) 5039330 (Security Hotpatch Update) |
Important | Elevation of Privilege | 5037782 5037848 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.20348.2527 10.0.20348.2522 |
Yes | 5039227 |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5039236 (Security Update) | Important | Elevation of Privilege | 5037781 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.25398.950 | Yes | None |
| CVE ID | Acknowledgements |
| CVE-2024-30064 | k0shl with Kunlun Lab |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2024-30065
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows Themes Denial of Service Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:5.5/TemporalScore:4.8
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/11/2024     Information published. |
Important | Denial of Service | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2024-30065 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 10 for 32-bit Systems | 5039225 (Security Update) | Important | Denial of Service | 5037788 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.10240.20680 | Yes | None |
| Windows 10 for x64-based Systems | 5039225 (Security Update) | Important | Denial of Service | 5037788 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.10240.20680 | Yes | None |
| Windows 10 Version 1607 for 32-bit Systems | 5039214 (Security Update) | Important | Denial of Service | 5037763 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5039214 (Security Update) | Important | Denial of Service | 5037763 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5039217 (Security Update) | Important | Denial of Service | 5037765 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows 10 Version 1809 for ARM64-based Systems | 5039217 (Security Update) | Important | Denial of Service | 5037765 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5039217 (Security Update) | Important | Denial of Service | 5037765 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5039211 (Security Update) | Important | Denial of Service | 5037768 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.19044.4529 |
Yes | 5039211 |
| Windows 10 Version 21H2 for ARM64-based Systems | 5039211 (Security Update) | Important | Denial of Service | 5037768 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.19044.4529 |
Yes | 5039211 |
| Windows 10 Version 21H2 for x64-based Systems | 5039211 (Security Update) | Important | Denial of Service | 5037768 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.19044.4529 |
Yes | 5039211 |
| Windows 10 Version 22H2 for 32-bit Systems | 5039211 (Security Update) | Important | Denial of Service | 5037768 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.19045.4529 |
Yes | 5039211 |
| Windows 10 Version 22H2 for ARM64-based Systems | 5039211 (Security Update) | Important | Denial of Service | 5037768 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.19045.4529 |
Yes | 5039211 |
| Windows 10 Version 22H2 for x64-based Systems | 5039211 (Security Update) | Important | Denial of Service | 5037768 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.19045.4529 |
Yes | 5039211 |
| Windows 11 version 21H2 for ARM64-based Systems | 5039213 (Security Update) | Important | Denial of Service | 5037770 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.22000.3019 |
Yes | 5039213 |
| Windows 11 version 21H2 for x64-based Systems | 5039213 (Security Update) | Important | Denial of Service | 5037770 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.22000.3019 |
Yes | 5039213 |
| Windows 11 Version 22H2 for ARM64-based Systems | 5039212 (Security Update) | Important | Denial of Service | 5037771 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.22621.3737 | Yes | None |
| Windows 11 Version 22H2 for x64-based Systems | 5039212 (Security Update) | Important | Denial of Service | 5037771 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.22621.3737 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5039212 (Security Update) | Important | Denial of Service | 5037771 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.22631.3737 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5039212 (Security Update) | Important | Denial of Service | 5037771 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.22631.3737 | Yes | None |
| Windows Server 2012 | 5039260 (Monthly Rollup) | Important | Denial of Service | 5037778 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
6.2.9200.24919 | Yes | None |
| Windows Server 2012 (Server Core installation) | 5039260 (Monthly Rollup) | Important | Denial of Service | 5037778 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
6.2.9200.24919 | Yes | None |
| Windows Server 2012 R2 | 5039294 (Monthly Rollup) | Important | Denial of Service | 5037823 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
6.3.9600.22023 | Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5039294 (Monthly Rollup) | Important | Denial of Service | 5037823 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
6.3.9600.22023 | Yes | None |
| Windows Server 2016 | 5039214 (Security Update) | Important | Denial of Service | 5037763 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows Server 2016 (Server Core installation) | 5039214 (Security Update) | Important | Denial of Service | 5037763 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows Server 2019 | 5039217 (Security Update) | Important | Denial of Service | 5037765 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5039217 (Security Update) | Important | Denial of Service | 5037765 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows Server 2022 | 5039227 (Security Update) 5039330 (Security Hotpatch Update) |
Important | Denial of Service | 5037782 5037848 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.20348.2527 10.0.20348.2522 |
Yes | 5039227 |
| Windows Server 2022 (Server Core installation) | 5039227 (Security Update) 5039330 (Security Hotpatch Update) |
Important | Denial of Service | 5037782 5037848 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.20348.2527 10.0.20348.2522 |
Yes | 5039227 |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5039236 (Security Update) | Important | Denial of Service | 5037781 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.25398.950 | Yes | None |
| CVE ID | Acknowledgements |
| CVE-2024-30065 | goodbyeselene |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2024-30066
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Winlogon Elevation of Privilege Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:5.5/TemporalScore:4.8
Executive Summary: None FAQ: According to the CVSS metrics, successful exploitation of this vulnerability could lead to major loss of integrity (I:H). What does that mean for this vulnerability? An authenticated attacker could replace valid file content with specially crafted file content. What privileges could be gained by an attacker who successfully exploited the vulnerability? An attacker who successfully exploited this vulnerability could gain specific limited SYSTEM privileges. Mitigations: None Workarounds: None Revision: 1.0    06/11/2024     Information published. |
Important | Elevation of Privilege | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2024-30066 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 10 for 32-bit Systems | 5039225 (Security Update) | Important | Elevation of Privilege | 5037788 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C |
10.0.10240.20680 | Yes | None |
| Windows 10 for x64-based Systems | 5039225 (Security Update) | Important | Elevation of Privilege | 5037788 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C |
10.0.10240.20680 | Yes | None |
| Windows 10 Version 1607 for 32-bit Systems | 5039214 (Security Update) | Important | Elevation of Privilege | 5037763 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5039214 (Security Update) | Important | Elevation of Privilege | 5037763 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows 10 Version 1809 for ARM64-based Systems | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C |
10.0.19044.4529 |
Yes | 5039211 |
| Windows 10 Version 21H2 for ARM64-based Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C |
10.0.19044.4529 |
Yes | 5039211 |
| Windows 10 Version 21H2 for x64-based Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C |
10.0.19044.4529 |
Yes | 5039211 |
| Windows 10 Version 22H2 for 32-bit Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C |
10.0.19045.4529 |
Yes | 5039211 |
| Windows 10 Version 22H2 for ARM64-based Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C |
10.0.19045.4529 |
Yes | 5039211 |
| Windows 10 Version 22H2 for x64-based Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C |
10.0.19045.4529 |
Yes | 5039211 |
| Windows 11 version 21H2 for ARM64-based Systems | 5039213 (Security Update) | Important | Elevation of Privilege | 5037770 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C |
10.0.22000.3019 |
Yes | 5039213 |
| Windows 11 version 21H2 for x64-based Systems | 5039213 (Security Update) | Important | Elevation of Privilege | 5037770 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C |
10.0.22000.3019 |
Yes | 5039213 |
| Windows 11 Version 22H2 for ARM64-based Systems | 5039212 (Security Update) | Important | Elevation of Privilege | 5037771 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C |
10.0.22621.3737 | Yes | None |
| Windows 11 Version 22H2 for x64-based Systems | 5039212 (Security Update) | Important | Elevation of Privilege | 5037771 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C |
10.0.22621.3737 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5039212 (Security Update) | Important | Elevation of Privilege | 5037771 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C |
10.0.22631.3737 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5039212 (Security Update) | Important | Elevation of Privilege | 5037771 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C |
10.0.22631.3737 | Yes | None |
| Windows Server 2012 | 5039260 (Monthly Rollup) | Important | Elevation of Privilege | 5037778 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C |
6.2.9200.24919 | Yes | None |
| Windows Server 2012 (Server Core installation) | 5039260 (Monthly Rollup) | Important | Elevation of Privilege | 5037778 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C |
6.2.9200.24919 | Yes | None |
| Windows Server 2012 R2 | 5039294 (Monthly Rollup) | Important | Elevation of Privilege | 5037823 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C |
6.3.9600.22023 | Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5039294 (Monthly Rollup) | Important | Elevation of Privilege | 5037823 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C |
6.3.9600.22023 | Yes | None |
| Windows Server 2016 | 5039214 (Security Update) | Important | Elevation of Privilege | 5037763 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows Server 2016 (Server Core installation) | 5039214 (Security Update) | Important | Elevation of Privilege | 5037763 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows Server 2019 | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows Server 2022 | 5039227 (Security Update) 5039330 (Security Hotpatch Update) |
Important | Elevation of Privilege | 5037782 5037848 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C |
10.0.20348.2527 10.0.20348.2522 |
Yes | 5039227 |
| Windows Server 2022 (Server Core installation) | 5039227 (Security Update) 5039330 (Security Hotpatch Update) |
Important | Elevation of Privilege | 5037782 5037848 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C |
10.0.20348.2527 10.0.20348.2522 |
Yes | 5039227 |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5039236 (Security Update) | Important | Elevation of Privilege | 5037781 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C |
10.0.25398.950 | Yes | None |
| CVE ID | Acknowledgements |
| CVE-2024-30066 | goodbyeselene |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2024-30067
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Winlogon Elevation of Privilege Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:5.5/TemporalScore:4.8
Executive Summary: None FAQ: What privileges could be gained by an attacker who successfully exploited the vulnerability? An attacker who successfully exploited this vulnerability could gain specific limited SYSTEM privileges. According to the CVSS metrics, successful exploitation of this vulnerability could lead to major loss of integrity (I:H). What does that mean for this vulnerability? An authenticated attacker could replace valid file content with specially crafted file content. Mitigations: None Workarounds: None Revision: 1.0    06/11/2024     Information published. |
Important | Elevation of Privilege | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2024-30067 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 10 for 32-bit Systems | 5039225 (Security Update) | Important | Elevation of Privilege | 5037788 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C |
10.0.10240.20680 | Yes | None |
| Windows 10 for x64-based Systems | 5039225 (Security Update) | Important | Elevation of Privilege | 5037788 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C |
10.0.10240.20680 | Yes | None |
| Windows 10 Version 1607 for 32-bit Systems | 5039214 (Security Update) | Important | Elevation of Privilege | 5037763 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5039214 (Security Update) | Important | Elevation of Privilege | 5037763 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows 10 Version 1809 for ARM64-based Systems | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C |
10.0.19044.4529 |
Yes | 5039211 |
| Windows 10 Version 21H2 for ARM64-based Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C |
10.0.19044.4529 |
Yes | 5039211 |
| Windows 10 Version 21H2 for x64-based Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C |
10.0.19044.4529 |
Yes | 5039211 |
| Windows 10 Version 22H2 for 32-bit Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C |
10.0.19045.4529 |
Yes | 5039211 |
| Windows 10 Version 22H2 for ARM64-based Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C |
10.0.19045.4529 |
Yes | 5039211 |
| Windows 10 Version 22H2 for x64-based Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C |
10.0.19045.4529 |
Yes | 5039211 |
| Windows 11 version 21H2 for ARM64-based Systems | 5039213 (Security Update) | Important | Elevation of Privilege | 5037770 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C |
10.0.22000.3019 |
Yes | 5039213 |
| Windows 11 version 21H2 for x64-based Systems | 5039213 (Security Update) | Important | Elevation of Privilege | 5037770 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C |
10.0.22000.3019 |
Yes | 5039213 |
| Windows 11 Version 22H2 for ARM64-based Systems | 5039212 (Security Update) | Important | Elevation of Privilege | 5037771 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C |
10.0.22621.3737 | Yes | None |
| Windows 11 Version 22H2 for x64-based Systems | 5039212 (Security Update) | Important | Elevation of Privilege | 5037771 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C |
10.0.22621.3737 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5039212 (Security Update) | Important | Elevation of Privilege | 5037771 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C |
10.0.22631.3737 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5039212 (Security Update) | Important | Elevation of Privilege | 5037771 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C |
10.0.22631.3737 | Yes | None |
| Windows Server 2012 | 5039260 (Monthly Rollup) | Important | Elevation of Privilege | 5037778 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C |
6.2.9200.24919 | Yes | None |
| Windows Server 2012 (Server Core installation) | 5039260 (Monthly Rollup) | Important | Elevation of Privilege | 5037778 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C |
6.2.9200.24919 | Yes | None |
| Windows Server 2012 R2 | 5039294 (Monthly Rollup) | Important | Elevation of Privilege | 5037823 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C |
6.3.9600.22023 | Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5039294 (Monthly Rollup) | Important | Elevation of Privilege | 5037823 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C |
6.3.9600.22023 | Yes | None |
| Windows Server 2016 | 5039214 (Security Update) | Important | Elevation of Privilege | 5037763 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows Server 2016 (Server Core installation) | 5039214 (Security Update) | Important | Elevation of Privilege | 5037763 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows Server 2019 | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows Server 2022 | 5039227 (Security Update) 5039330 (Security Hotpatch Update) |
Important | Elevation of Privilege | 5037782 5037848 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C |
10.0.20348.2527 10.0.20348.2522 |
Yes | 5039227 |
| Windows Server 2022 (Server Core installation) | 5039227 (Security Update) 5039330 (Security Hotpatch Update) |
Important | Elevation of Privilege | 5037782 5037848 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C |
10.0.20348.2527 10.0.20348.2522 |
Yes | 5039227 |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5039236 (Security Update) | Important | Elevation of Privilege | 5037781 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C |
10.0.25398.950 | Yes | None |
| CVE ID | Acknowledgements |
| CVE-2024-30067 | goodbyeselene |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2024-30068
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows Kernel Elevation of Privilege Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Executive Summary: None FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. According to the CVSS metric, successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability? In this case, a successful attack could be performed from a low privilege AppContainer. The attacker could elevate their privileges and execute code or access resources at a higher integrity level than that of the AppContainer execution environment. How could an attacker exploit this vulnerability? To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. Mitigations: None Workarounds: None Revision: 1.0    06/11/2024     Information published. |
Important | Elevation of Privilege | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2024-30068 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 10 for 32-bit Systems | 5039225 (Security Update) | Important | Elevation of Privilege | 5037788 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.10240.20680 | Yes | None |
| Windows 10 for x64-based Systems | 5039225 (Security Update) | Important | Elevation of Privilege | 5037788 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.10240.20680 | Yes | None |
| Windows 10 Version 1607 for 32-bit Systems | 5039214 (Security Update) | Important | Elevation of Privilege | 5037763 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5039214 (Security Update) | Important | Elevation of Privilege | 5037763 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows 10 Version 1809 for ARM64-based Systems | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.4529 |
Yes | 5039211 |
| Windows 10 Version 21H2 for ARM64-based Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.4529 |
Yes | 5039211 |
| Windows 10 Version 21H2 for x64-based Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.4529 |
Yes | 5039211 |
| Windows 10 Version 22H2 for 32-bit Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.4529 |
Yes | 5039211 |
| Windows 10 Version 22H2 for ARM64-based Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.4529 |
Yes | 5039211 |
| Windows 10 Version 22H2 for x64-based Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.4529 |
Yes | 5039211 |
| Windows 11 version 21H2 for ARM64-based Systems | 5039213 (Security Update) | Important | Elevation of Privilege | 5037770 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22000.3019 |
Yes | 5039213 |
| Windows 11 version 21H2 for x64-based Systems | 5039213 (Security Update) | Important | Elevation of Privilege | 5037770 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22000.3019 |
Yes | 5039213 |
| Windows 11 Version 22H2 for ARM64-based Systems | 5039212 (Security Update) | Important | Elevation of Privilege | 5037771 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22621.3737 | Yes | None |
| Windows 11 Version 22H2 for x64-based Systems | 5039212 (Security Update) | Important | Elevation of Privilege | 5037771 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22621.3737 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5039212 (Security Update) | Important | Elevation of Privilege | 5037771 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22631.3737 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5039212 (Security Update) | Important | Elevation of Privilege | 5037771 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22631.3737 | Yes | None |
| Windows Server 2016 | 5039214 (Security Update) | Important | Elevation of Privilege | 5037763 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows Server 2016 (Server Core installation) | 5039214 (Security Update) | Important | Elevation of Privilege | 5037763 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows Server 2019 | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows Server 2022 | 5039227 (Security Update) 5039330 (Security Hotpatch Update) |
Important | Elevation of Privilege | 5037782 5037848 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.20348.2527 10.0.20348.2522 |
Yes | 5039227 |
| Windows Server 2022 (Server Core installation) | 5039227 (Security Update) 5039330 (Security Hotpatch Update) |
Important | Elevation of Privilege | 5037782 5037848 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.20348.2527 10.0.20348.2522 |
Yes | 5039227 |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5039236 (Security Update) | Important | Elevation of Privilege | 5037781 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.25398.950 | Yes | None |
| CVE ID | Acknowledgements |
| CVE-2024-30068 | Anonymous |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2024-30083
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows Standards-Based Storage Management Service Denial of Service Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:6.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/11/2024     Information published. |
Important | Denial of Service | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2024-30083 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows Server 2012 R2 | 5039294 (Monthly Rollup) | Important | Denial of Service | 5037823 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
6.3.9600.22023 | Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5039294 (Monthly Rollup) | Important | Denial of Service | 5037823 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
6.3.9600.22023 | Yes | None |
| Windows Server 2016 | 5039214 (Security Update) | Important | Denial of Service | 5037763 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows Server 2016 (Server Core installation) | 5039214 (Security Update) | Important | Denial of Service | 5037763 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows Server 2019 | 5039217 (Security Update) | Important | Denial of Service | 5037765 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5039217 (Security Update) | Important | Denial of Service | 5037765 | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows Server 2022 | 5039227 (Security Update) 5039330 (Security Hotpatch Update) |
Important | Denial of Service | 5037782 5037848 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.20348.2527 10.0.20348.2522 |
Yes | 5039227 |
| Windows Server 2022 (Server Core installation) | 5039227 (Security Update) 5039330 (Security Hotpatch Update) |
Important | Denial of Service | 5037782 5037848 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
10.0.20348.2527 10.0.20348.2522 |
Yes | 5039227 |
| CVE ID | Acknowledgements |
| CVE-2024-30083 | Azure Yang with Kunlun Lab |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2024-30084
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7/TemporalScore:6.1
Executive Summary: None FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to win a race condition. What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Mitigations: None Workarounds: None Revision: 1.1    06/11/2024     Updated acknowledgment. This is an informational change only. 1.0    06/11/2024     Information published. |
Important | Elevation of Privilege | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation More Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2024-30084 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 10 for 32-bit Systems | 5039225 (Security Update) | Important | Elevation of Privilege | 5037788 | Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.10240.20680 | Yes | None |
| Windows 10 for x64-based Systems | 5039225 (Security Update) | Important | Elevation of Privilege | 5037788 | Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.10240.20680 | Yes | None |
| Windows 10 Version 1607 for 32-bit Systems | 5039214 (Security Update) | Important | Elevation of Privilege | 5037763 | Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5039214 (Security Update) | Important | Elevation of Privilege | 5037763 | Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows 10 Version 1809 for ARM64-based Systems | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.4529 |
Yes | 5039211 |
| Windows 10 Version 21H2 for ARM64-based Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.4529 |
Yes | 5039211 |
| Windows 10 Version 21H2 for x64-based Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.4529 |
Yes | 5039211 |
| Windows 10 Version 22H2 for 32-bit Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.4529 |
Yes | 5039211 |
| Windows 10 Version 22H2 for ARM64-based Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.4529 |
Yes | 5039211 |
| Windows 10 Version 22H2 for x64-based Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.4529 |
Yes | 5039211 |
| Windows 11 version 21H2 for ARM64-based Systems | 5039213 (Security Update) | Important | Elevation of Privilege | 5037770 |
Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22000.3019 |
Yes | 5039213 |
| Windows 11 version 21H2 for x64-based Systems | 5039213 (Security Update) | Important | Elevation of Privilege | 5037770 |
Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22000.3019 |
Yes | 5039213 |
| Windows 11 Version 22H2 for ARM64-based Systems | 5039212 (Security Update) | Important | Elevation of Privilege | 5037771 | Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22621.3737 | Yes | None |
| Windows 11 Version 22H2 for x64-based Systems | 5039212 (Security Update) | Important | Elevation of Privilege | 5037771 | Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22621.3737 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5039212 (Security Update) | Important | Elevation of Privilege | 5037771 | Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22631.3737 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5039212 (Security Update) | Important | Elevation of Privilege | 5037771 | Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22631.3737 | Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 | 5039245 (Monthly Rollup) 5039266 (Security Only) |
Important | Elevation of Privilege | 5037800 |
Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.22720 |
Yes | 5039245 5039266 |
| Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 5039245 (Monthly Rollup) 5039266 (Security Only) |
Important | Elevation of Privilege | 5037800 |
Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.22720 |
Yes | 5039245 5039266 |
| Windows Server 2008 for x64-based Systems Service Pack 2 | 5039245 (Monthly Rollup) 5039266 (Security Only) |
Important | Elevation of Privilege | 5037800 |
Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.22720 |
Yes | 5039245 5039266 |
| Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 5039245 (Monthly Rollup) 5039266 (Security Only) |
Important | Elevation of Privilege | 5037800 |
Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.22720 |
Yes | 5039245 5039266 |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 5039289 (Monthly Rollup) 5039274 (Security Only) |
Important | Elevation of Privilege | 5037780 |
Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.1.7601.27170 | Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 5039289 (Monthly Rollup) 5039274 (Security Only) |
Important | Elevation of Privilege | 5037780 |
Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.1.7601.27170 | Yes | None |
| Windows Server 2012 | 5039260 (Monthly Rollup) | Important | Elevation of Privilege | 5037778 | Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.2.9200.24919 | Yes | None |
| Windows Server 2012 (Server Core installation) | 5039260 (Monthly Rollup) | Important | Elevation of Privilege | 5037778 | Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.2.9200.24919 | Yes | None |
| Windows Server 2012 R2 | 5039294 (Monthly Rollup) | Important | Elevation of Privilege | 5037823 | Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.3.9600.22023 | Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5039294 (Monthly Rollup) | Important | Elevation of Privilege | 5037823 | Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.3.9600.22023 | Yes | None |
| Windows Server 2016 | 5039214 (Security Update) | Important | Elevation of Privilege | 5037763 | Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows Server 2016 (Server Core installation) | 5039214 (Security Update) | Important | Elevation of Privilege | 5037763 | Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows Server 2019 | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows Server 2022 | 5039227 (Security Update) 5039330 (Security Hotpatch Update) |
Important | Elevation of Privilege | 5037782 5037848 |
Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.20348.2527 10.0.20348.2522 |
Yes | 5039227 |
| Windows Server 2022 (Server Core installation) | 5039227 (Security Update) 5039330 (Security Hotpatch Update) |
Important | Elevation of Privilege | 5037782 5037848 |
Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.20348.2527 10.0.20348.2522 |
Yes | 5039227 |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5039236 (Security Update) | Important | Elevation of Privilege | 5037781 | Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.25398.950 | Yes | None |
| CVE ID | Acknowledgements |
| CVE-2024-30084 | Angelboy (@scwuaptx) from DEVCORE Research Team working with Trend Micro Zero Day Initiative |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2024-30085
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:7
Executive Summary: None FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Mitigations: None Workarounds: None Revision: 1.1    06/11/2024     Updated acknowledgment. This is an informational change only. 1.0    06/11/2024     Information published. |
Important | Elevation of Privilege | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation More Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2024-30085 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 10 Version 1809 for 32-bit Systems | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 7.8 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows 10 Version 1809 for ARM64-based Systems | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 7.8 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 7.8 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 7.8 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.19044.4529 |
Yes | 5039211 |
| Windows 10 Version 21H2 for ARM64-based Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 7.8 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.19044.4529 |
Yes | 5039211 |
| Windows 10 Version 21H2 for x64-based Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 7.8 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.19044.4529 |
Yes | 5039211 |
| Windows 10 Version 22H2 for 32-bit Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 7.8 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.19045.4529 |
Yes | 5039211 |
| Windows 10 Version 22H2 for ARM64-based Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 7.8 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.19045.4529 |
Yes | 5039211 |
| Windows 10 Version 22H2 for x64-based Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 7.8 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.19045.4529 |
Yes | 5039211 |
| Windows 11 version 21H2 for ARM64-based Systems | 5039213 (Security Update) | Important | Elevation of Privilege | 5037770 |
Base: 7.8 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.22000.3019 |
Yes | 5039213 |
| Windows 11 version 21H2 for x64-based Systems | 5039213 (Security Update) | Important | Elevation of Privilege | 5037770 |
Base: 7.8 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.22000.3019 |
Yes | 5039213 |
| Windows 11 Version 22H2 for ARM64-based Systems | 5039212 (Security Update) | Important | Elevation of Privilege | 5037771 | Base: 7.8 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.22621.3737 | Yes | None |
| Windows 11 Version 22H2 for x64-based Systems | 5039212 (Security Update) | Important | Elevation of Privilege | 5037771 | Base: 7.8 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.22621.3737 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5039212 (Security Update) | Important | Elevation of Privilege | 5037771 | Base: 7.8 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.22631.3737 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5039212 (Security Update) | Important | Elevation of Privilege | 5037771 | Base: 7.8 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.22631.3737 | Yes | None |
| Windows Server 2019 | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 7.8 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 7.8 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows Server 2022 | 5039227 (Security Update) 5039330 (Security Hotpatch Update) |
Important | Elevation of Privilege | 5037782 5037848 |
Base: 7.8 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.20348.2527 10.0.20348.2522 |
Yes | 5039227 |
| Windows Server 2022 (Server Core installation) | 5039227 (Security Update) 5039330 (Security Hotpatch Update) |
Important | Elevation of Privilege | 5037782 5037848 |
Base: 7.8 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.20348.2527 10.0.20348.2522 |
Yes | 5039227 |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5039236 (Security Update) | Important | Elevation of Privilege | 5037781 | Base: 7.8 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.25398.950 | Yes | None |
| CVE ID | Acknowledgements |
| CVE-2024-30085 | Gwangun Jung(@pr0ln) and Junoh Lee(@bbbig12) at Theori(@theori_io) working with Trend Micro Zero Day Initiative Alex Birnberg for TyphoonPWN24 Anonymous with SSD Secure Disclosure |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2024-30086
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Executive Summary: None FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Mitigations: None Workarounds: None Revision: 1.1    06/11/2024     Updated acknowledgment. This is an informational change only. 1.0    06/11/2024     Information published. |
Important | Elevation of Privilege | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation More Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2024-30086 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 10 for 32-bit Systems | 5039225 (Security Update) | Important | Elevation of Privilege | 5037788 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.10240.20680 | Yes | None |
| Windows 10 for x64-based Systems | 5039225 (Security Update) | Important | Elevation of Privilege | 5037788 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.10240.20680 | Yes | None |
| Windows 10 Version 1607 for 32-bit Systems | 5039214 (Security Update) | Important | Elevation of Privilege | 5037763 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5039214 (Security Update) | Important | Elevation of Privilege | 5037763 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows 10 Version 1809 for ARM64-based Systems | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.4529 |
Yes | 5039211 |
| Windows 10 Version 21H2 for ARM64-based Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.4529 |
Yes | 5039211 |
| Windows 10 Version 21H2 for x64-based Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.4529 |
Yes | 5039211 |
| Windows 10 Version 22H2 for 32-bit Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.4529 |
Yes | 5039211 |
| Windows 10 Version 22H2 for ARM64-based Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.4529 |
Yes | 5039211 |
| Windows 10 Version 22H2 for x64-based Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.4529 |
Yes | 5039211 |
| Windows 11 version 21H2 for ARM64-based Systems | 5039213 (Security Update) | Important | Elevation of Privilege | 5037770 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22000.3019 |
Yes | 5039213 |
| Windows 11 version 21H2 for x64-based Systems | 5039213 (Security Update) | Important | Elevation of Privilege | 5037770 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22000.3019 |
Yes | 5039213 |
| Windows 11 Version 22H2 for ARM64-based Systems | 5039212 (Security Update) | Important | Elevation of Privilege | 5037771 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22621.3737 | Yes | None |
| Windows 11 Version 22H2 for x64-based Systems | 5039212 (Security Update) | Important | Elevation of Privilege | 5037771 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22621.3737 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5039212 (Security Update) | Important | Elevation of Privilege | 5037771 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22631.3737 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5039212 (Security Update) | Important | Elevation of Privilege | 5037771 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22631.3737 | Yes | None |
| Windows Server 2012 | 5039260 (Monthly Rollup) | Important | Elevation of Privilege | 5037778 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.2.9200.24919 | Yes | None |
| Windows Server 2012 (Server Core installation) | 5039260 (Monthly Rollup) | Important | Elevation of Privilege | 5037778 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.2.9200.24919 | Yes | None |
| Windows Server 2012 R2 | 5039294 (Monthly Rollup) | Important | Elevation of Privilege | 5037823 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.3.9600.22023 | Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5039294 (Monthly Rollup) | Important | Elevation of Privilege | 5037823 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.3.9600.22023 | Yes | None |
| Windows Server 2016 | 5039214 (Security Update) | Important | Elevation of Privilege | 5037763 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows Server 2016 (Server Core installation) | 5039214 (Security Update) | Important | Elevation of Privilege | 5037763 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows Server 2019 | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows Server 2022 | 5039227 (Security Update) 5039330 (Security Hotpatch Update) |
Important | Elevation of Privilege | 5037782 5037848 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.20348.2527 10.0.20348.2522 |
Yes | 5039227 |
| Windows Server 2022 (Server Core installation) | 5039227 (Security Update) 5039330 (Security Hotpatch Update) |
Important | Elevation of Privilege | 5037782 5037848 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.20348.2527 10.0.20348.2522 |
Yes | 5039227 |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5039236 (Security Update) | Important | Elevation of Privilege | 5037781 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.25398.950 | Yes | None |
| CVE ID | Acknowledgements |
| CVE-2024-30086 | Bruno Pujos from REverse Tactics working with Trend Micro Zero Day Initiative |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2024-30087
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Win32k Elevation of Privilege Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Executive Summary: None FAQ: What privileges could be gained by an attacker who successfully exploited the vulnerability? The attacker would gain the rights of the user that is running the affected application. Mitigations: None Workarounds: None Revision: 1.0    06/11/2024     Information published. |
Important | Elevation of Privilege | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation More Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2024-30087 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 10 for 32-bit Systems | 5039225 (Security Update) | Important | Elevation of Privilege | 5037788 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.10240.20680 | Yes | None |
| Windows 10 for x64-based Systems | 5039225 (Security Update) | Important | Elevation of Privilege | 5037788 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.10240.20680 | Yes | None |
| Windows 10 Version 1607 for 32-bit Systems | 5039214 (Security Update) | Important | Elevation of Privilege | 5037763 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5039214 (Security Update) | Important | Elevation of Privilege | 5037763 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows 10 Version 1809 for ARM64-based Systems | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.4529 |
Yes | 5039211 |
| Windows 10 Version 21H2 for ARM64-based Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.4529 |
Yes | 5039211 |
| Windows 10 Version 21H2 for x64-based Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.4529 |
Yes | 5039211 |
| Windows 10 Version 22H2 for 32-bit Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.4529 |
Yes | 5039211 |
| Windows 10 Version 22H2 for ARM64-based Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.4529 |
Yes | 5039211 |
| Windows 10 Version 22H2 for x64-based Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.4529 |
Yes | 5039211 |
| Windows 11 version 21H2 for ARM64-based Systems | 5039213 (Security Update) | Important | Elevation of Privilege | 5037770 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22000.3019 |
Yes | 5039213 |
| Windows 11 version 21H2 for x64-based Systems | 5039213 (Security Update) | Important | Elevation of Privilege | 5037770 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22000.3019 |
Yes | 5039213 |
| Windows 11 Version 22H2 for ARM64-based Systems | 5039212 (Security Update) | Important | Elevation of Privilege | 5037771 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22621.3737 | Yes | None |
| Windows 11 Version 22H2 for x64-based Systems | 5039212 (Security Update) | Important | Elevation of Privilege | 5037771 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22621.3737 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5039212 (Security Update) | Important | Elevation of Privilege | 5037771 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22631.3737 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5039212 (Security Update) | Important | Elevation of Privilege | 5037771 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22631.3737 | Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 | 5039245 (Monthly Rollup) 5039266 (Security Only) |
Important | Elevation of Privilege | 5037800 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.22720 |
Yes | 5039245 5039266 |
| Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 5039245 (Monthly Rollup) 5039266 (Security Only) |
Important | Elevation of Privilege | 5037800 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.22720 |
Yes | 5039245 5039266 |
| Windows Server 2008 for x64-based Systems Service Pack 2 | 5039245 (Monthly Rollup) 5039266 (Security Only) |
Important | Elevation of Privilege | 5037800 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.22720 |
Yes | 5039245 5039266 |
| Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 5039245 (Monthly Rollup) 5039266 (Security Only) |
Important | Elevation of Privilege | 5037800 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.22720 |
Yes | 5039245 5039266 |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 5039289 (Monthly Rollup) 5039274 (Security Only) |
Important | Elevation of Privilege | 5037780 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.1.7601.27170 | Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 5039289 (Monthly Rollup) 5039274 (Security Only) |
Important | Elevation of Privilege | 5037780 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.1.7601.27170 | Yes | None |
| Windows Server 2012 | 5039260 (Monthly Rollup) | Important | Elevation of Privilege | 5037778 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.2.9200.24919 | Yes | None |
| Windows Server 2012 (Server Core installation) | 5039260 (Monthly Rollup) | Important | Elevation of Privilege | 5037778 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.2.9200.24919 | Yes | None |
| Windows Server 2012 R2 | 5039294 (Monthly Rollup) | Important | Elevation of Privilege | 5037823 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.3.9600.22023 | Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5039294 (Monthly Rollup) | Important | Elevation of Privilege | 5037823 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.3.9600.22023 | Yes | None |
| Windows Server 2016 | 5039214 (Security Update) | Important | Elevation of Privilege | 5037763 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows Server 2016 (Server Core installation) | 5039214 (Security Update) | Important | Elevation of Privilege | 5037763 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows Server 2019 | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows Server 2022 | 5039227 (Security Update) 5039330 (Security Hotpatch Update) |
Important | Elevation of Privilege | 5037782 5037848 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.20348.2527 10.0.20348.2522 |
Yes | 5039227 |
| Windows Server 2022 (Server Core installation) | 5039227 (Security Update) 5039330 (Security Hotpatch Update) |
Important | Elevation of Privilege | 5037782 5037848 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.20348.2527 10.0.20348.2522 |
Yes | 5039227 |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5039236 (Security Update) | Important | Elevation of Privilege | 5037781 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.25398.950 | Yes | None |
| CVE ID | Acknowledgements |
| CVE-2024-30087 | Marcin Wiazowski with Trend Micro Zero Day Initiative |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2024-30088
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows Kernel Elevation of Privilege Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7/TemporalScore:6.3
Executive Summary: None FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to win a race condition. Mitigations: None Workarounds: None Revision: 1.0    06/11/2024     Information published. |
Important | Elevation of Privilege | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation More Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2024-30088 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 10 for 32-bit Systems | 5039225 (Security Update) | Important | Elevation of Privilege | 5037788 | Base: 7 Temporal: 6.3 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.10240.20680 | Yes | None |
| Windows 10 for x64-based Systems | 5039225 (Security Update) | Important | Elevation of Privilege | 5037788 | Base: 7 Temporal: 6.3 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.10240.20680 | Yes | None |
| Windows 10 Version 1607 for 32-bit Systems | 5039214 (Security Update) | Important | Elevation of Privilege | 5037763 | Base: 7 Temporal: 6.3 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5039214 (Security Update) | Important | Elevation of Privilege | 5037763 | Base: 7 Temporal: 6.3 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 7 Temporal: 6.3 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows 10 Version 1809 for ARM64-based Systems | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 7 Temporal: 6.3 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 7 Temporal: 6.3 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 7 Temporal: 6.3 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.19044.4529 |
Yes | 5039211 |
| Windows 10 Version 21H2 for ARM64-based Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 7 Temporal: 6.3 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.19044.4529 |
Yes | 5039211 |
| Windows 10 Version 21H2 for x64-based Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 7 Temporal: 6.3 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.19044.4529 |
Yes | 5039211 |
| Windows 10 Version 22H2 for 32-bit Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 7 Temporal: 6.3 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.19045.4529 |
Yes | 5039211 |
| Windows 10 Version 22H2 for ARM64-based Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 7 Temporal: 6.3 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.19045.4529 |
Yes | 5039211 |
| Windows 10 Version 22H2 for x64-based Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 7 Temporal: 6.3 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.19045.4529 |
Yes | 5039211 |
| Windows 11 version 21H2 for ARM64-based Systems | 5039213 (Security Update) | Important | Elevation of Privilege | 5037770 |
Base: 7 Temporal: 6.3 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.22000.3019 |
Yes | 5039213 |
| Windows 11 version 21H2 for x64-based Systems | 5039213 (Security Update) | Important | Elevation of Privilege | 5037770 |
Base: 7 Temporal: 6.3 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.22000.3019 |
Yes | 5039213 |
| Windows 11 Version 22H2 for ARM64-based Systems | 5039212 (Security Update) | Important | Elevation of Privilege | 5037771 | Base: 7 Temporal: 6.3 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.22621.3737 | Yes | None |
| Windows 11 Version 22H2 for x64-based Systems | 5039212 (Security Update) | Important | Elevation of Privilege | 5037771 | Base: 7 Temporal: 6.3 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.22621.3737 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5039212 (Security Update) | Important | Elevation of Privilege | 5037771 | Base: 7 Temporal: 6.3 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.22631.3737 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5039212 (Security Update) | Important | Elevation of Privilege | 5037771 | Base: 7 Temporal: 6.3 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.22631.3737 | Yes | None |
| Windows Server 2016 | 5039214 (Security Update) | Important | Elevation of Privilege | 5037763 | Base: 7 Temporal: 6.3 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows Server 2016 (Server Core installation) | 5039214 (Security Update) | Important | Elevation of Privilege | 5037763 | Base: 7 Temporal: 6.3 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows Server 2019 | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 7 Temporal: 6.3 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 7 Temporal: 6.3 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows Server 2022 | 5039227 (Security Update) 5039330 (Security Hotpatch Update) |
Important | Elevation of Privilege | 5037782 5037848 |
Base: 7 Temporal: 6.3 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.20348.2527 10.0.20348.2522 |
Yes | 5039227 |
| Windows Server 2022 (Server Core installation) | 5039227 (Security Update) 5039330 (Security Hotpatch Update) |
Important | Elevation of Privilege | 5037782 5037848 |
Base: 7 Temporal: 6.3 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.20348.2527 10.0.20348.2522 |
Yes | 5039227 |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5039236 (Security Update) | Important | Elevation of Privilege | 5037781 | Base: 7 Temporal: 6.3 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.25398.950 | Yes | None |
| CVE ID | Acknowledgements |
| CVE-2024-30088 | Emma Kirkpatrick (@carrot_c4k3) working with Trend Micro Zero Day Initiative |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2024-30089
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Microsoft Streaming Service Elevation of Privilege Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Executive Summary: None FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Mitigations: None Workarounds: None Revision: 1.0    06/11/2024     Information published. |
Important | Elevation of Privilege | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation More Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2024-30089 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 10 Version 1809 for 32-bit Systems | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows 10 Version 1809 for ARM64-based Systems | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.4529 |
Yes | 5039211 |
| Windows 10 Version 21H2 for ARM64-based Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.4529 |
Yes | 5039211 |
| Windows 10 Version 21H2 for x64-based Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.4529 |
Yes | 5039211 |
| Windows 10 Version 22H2 for 32-bit Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.4529 |
Yes | 5039211 |
| Windows 10 Version 22H2 for ARM64-based Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.4529 |
Yes | 5039211 |
| Windows 10 Version 22H2 for x64-based Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.4529 |
Yes | 5039211 |
| Windows 11 version 21H2 for ARM64-based Systems | 5039213 (Security Update) | Important | Elevation of Privilege | 5037770 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22000.3019 |
Yes | 5039213 |
| Windows 11 version 21H2 for x64-based Systems | 5039213 (Security Update) | Important | Elevation of Privilege | 5037770 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22000.3019 |
Yes | 5039213 |
| Windows 11 Version 22H2 for ARM64-based Systems | 5039212 (Security Update) | Important | Elevation of Privilege | 5037771 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22621.3737 | Yes | None |
| Windows 11 Version 22H2 for x64-based Systems | 5039212 (Security Update) | Important | Elevation of Privilege | 5037771 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22621.3737 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5039212 (Security Update) | Important | Elevation of Privilege | 5037771 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22631.3737 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5039212 (Security Update) | Important | Elevation of Privilege | 5037771 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22631.3737 | Yes | None |
| Windows Server 2019 | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows Server 2022 | 5039227 (Security Update) 5039330 (Security Hotpatch Update) |
Important | Elevation of Privilege | 5037782 5037848 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.20348.2527 10.0.20348.2522 |
Yes | 5039227 |
| Windows Server 2022 (Server Core installation) | 5039227 (Security Update) 5039330 (Security Hotpatch Update) |
Important | Elevation of Privilege | 5037782 5037848 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.20348.2527 10.0.20348.2522 |
Yes | 5039227 |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5039236 (Security Update) | Important | Elevation of Privilege | 5037781 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.25398.950 | Yes | None |
| CVE ID | Acknowledgements |
| CVE-2024-30089 | Valentina Palmiotti (@chompie1337) of IBM X-Force working with Trend Micro Zero Day Initiative |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2024-30090
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Microsoft Streaming Service Elevation of Privilege Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7/TemporalScore:6.1
Executive Summary: None FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to win a race condition. Mitigations: None Workarounds: None Revision: 1.0    06/11/2024     Information published. |
Important | Elevation of Privilege | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2024-30090 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 10 for 32-bit Systems | 5039225 (Security Update) | Important | Elevation of Privilege | 5037788 | Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.10240.20680 | Yes | None |
| Windows 10 for x64-based Systems | 5039225 (Security Update) | Important | Elevation of Privilege | 5037788 | Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.10240.20680 | Yes | None |
| Windows 10 Version 1607 for 32-bit Systems | 5039214 (Security Update) | Important | Elevation of Privilege | 5037763 | Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5039214 (Security Update) | Important | Elevation of Privilege | 5037763 | Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows 10 Version 1809 for ARM64-based Systems | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.4529 |
Yes | 5039211 |
| Windows 10 Version 21H2 for ARM64-based Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.4529 |
Yes | 5039211 |
| Windows 10 Version 21H2 for x64-based Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.4529 |
Yes | 5039211 |
| Windows 10 Version 22H2 for 32-bit Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.4529 |
Yes | 5039211 |
| Windows 10 Version 22H2 for ARM64-based Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.4529 |
Yes | 5039211 |
| Windows 10 Version 22H2 for x64-based Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.4529 |
Yes | 5039211 |
| Windows 11 version 21H2 for ARM64-based Systems | 5039213 (Security Update) | Important | Elevation of Privilege | 5037770 |
Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22000.3019 |
Yes | 5039213 |
| Windows 11 version 21H2 for x64-based Systems | 5039213 (Security Update) | Important | Elevation of Privilege | 5037770 |
Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22000.3019 |
Yes | 5039213 |
| Windows 11 Version 22H2 for ARM64-based Systems | 5039212 (Security Update) | Important | Elevation of Privilege | 5037771 | Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22621.3737 | Yes | None |
| Windows 11 Version 22H2 for x64-based Systems | 5039212 (Security Update) | Important | Elevation of Privilege | 5037771 | Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22621.3737 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5039212 (Security Update) | Important | Elevation of Privilege | 5037771 | Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22631.3737 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5039212 (Security Update) | Important | Elevation of Privilege | 5037771 | Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22631.3737 | Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 | 5039245 (Monthly Rollup) 5039266 (Security Only) |
Important | Elevation of Privilege | 5037800 |
Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.22720 |
Yes | 5039245 5039266 |
| Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 5039245 (Monthly Rollup) 5039266 (Security Only) |
Important | Elevation of Privilege | 5037800 |
Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.22720 |
Yes | 5039245 5039266 |
| Windows Server 2008 for x64-based Systems Service Pack 2 | 5039245 (Monthly Rollup) 5039266 (Security Only) |
Important | Elevation of Privilege | 5037800 |
Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.22720 |
Yes | 5039245 5039266 |
| Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 5039245 (Monthly Rollup) 5039266 (Security Only) |
Important | Elevation of Privilege | 5037800 |
Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.22720 |
Yes | 5039245 5039266 |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 5039289 (Monthly Rollup) 5039274 (Security Only) |
Important | Elevation of Privilege | 5037780 |
Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.1.7601.27170 | Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 5039289 (Monthly Rollup) 5039274 (Security Only) |
Important | Elevation of Privilege | 5037780 |
Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.1.7601.27170 | Yes | None |
| Windows Server 2012 | 5039260 (Monthly Rollup) | Important | Elevation of Privilege | 5037778 | Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.2.9200.24919 | Yes | None |
| Windows Server 2012 (Server Core installation) | 5039260 (Monthly Rollup) | Important | Elevation of Privilege | 5037778 | Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.2.9200.24919 | Yes | None |
| Windows Server 2012 R2 | 5039294 (Monthly Rollup) | Important | Elevation of Privilege | 5037823 | Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.3.9600.22023 | Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5039294 (Monthly Rollup) | Important | Elevation of Privilege | 5037823 | Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.3.9600.22023 | Yes | None |
| Windows Server 2016 | 5039214 (Security Update) | Important | Elevation of Privilege | 5037763 | Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows Server 2016 (Server Core installation) | 5039214 (Security Update) | Important | Elevation of Privilege | 5037763 | Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows Server 2019 | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows Server 2022 | 5039227 (Security Update) 5039330 (Security Hotpatch Update) |
Important | Elevation of Privilege | 5037782 5037848 |
Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.20348.2527 10.0.20348.2522 |
Yes | 5039227 |
| Windows Server 2022 (Server Core installation) | 5039227 (Security Update) 5039330 (Security Hotpatch Update) |
Important | Elevation of Privilege | 5037782 5037848 |
Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.20348.2527 10.0.20348.2522 |
Yes | 5039227 |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5039236 (Security Update) | Important | Elevation of Privilege | 5037781 | Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.25398.950 | Yes | None |
| CVE ID | Acknowledgements |
| CVE-2024-30090 | Angelboy (@scwuaptx) with DEVCORE |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2024-30091
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Win32k Elevation of Privilege Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:7
Executive Summary: None FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Mitigations: None Workarounds: None Revision: 1.0    06/11/2024     Information published. 1.1    06/19/2024     Updated FAQ information. This is an informational change only. |
Important | Elevation of Privilege | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation More Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2024-30091 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 10 for 32-bit Systems | 5039225 (Security Update) | Important | Elevation of Privilege | 5037788 | Base: 7.8 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.10240.20680 | Yes | None |
| Windows 10 for x64-based Systems | 5039225 (Security Update) | Important | Elevation of Privilege | 5037788 | Base: 7.8 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.10240.20680 | Yes | None |
| Windows 10 Version 1607 for 32-bit Systems | 5039214 (Security Update) | Important | Elevation of Privilege | 5037763 | Base: 7.8 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5039214 (Security Update) | Important | Elevation of Privilege | 5037763 | Base: 7.8 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 7.8 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows 10 Version 1809 for ARM64-based Systems | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 7.8 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 7.8 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 7.8 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.19044.4529 |
Yes | 5039211 |
| Windows 10 Version 21H2 for ARM64-based Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 7.8 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.19044.4529 |
Yes | 5039211 |
| Windows 10 Version 21H2 for x64-based Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 7.8 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.19044.4529 |
Yes | 5039211 |
| Windows 10 Version 22H2 for 32-bit Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 7.8 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.19045.4529 |
Yes | 5039211 |
| Windows 10 Version 22H2 for ARM64-based Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 7.8 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.19045.4529 |
Yes | 5039211 |
| Windows 10 Version 22H2 for x64-based Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 7.8 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.19045.4529 |
Yes | 5039211 |
| Windows 11 version 21H2 for ARM64-based Systems | 5039213 (Security Update) | Important | Elevation of Privilege | 5037770 |
Base: 7.8 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.22000.3019 |
Yes | 5039213 |
| Windows 11 version 21H2 for x64-based Systems | 5039213 (Security Update) | Important | Elevation of Privilege | 5037770 |
Base: 7.8 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.22000.3019 |
Yes | 5039213 |
| Windows 11 Version 22H2 for ARM64-based Systems | 5039212 (Security Update) | Important | Elevation of Privilege | 5037771 | Base: 7.8 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.22621.3737 | Yes | None |
| Windows 11 Version 22H2 for x64-based Systems | 5039212 (Security Update) | Important | Elevation of Privilege | 5037771 | Base: 7.8 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.22621.3737 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5039212 (Security Update) | Important | Elevation of Privilege | 5037771 | Base: 7.8 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.22631.3737 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5039212 (Security Update) | Important | Elevation of Privilege | 5037771 | Base: 7.8 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.22631.3737 | Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 | 5039245 (Monthly Rollup) 5039266 (Security Only) |
Important | Elevation of Privilege | 5037800 |
Base: 7.8 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
6.0.6003.22720 |
Yes | 5039245 5039266 |
| Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 5039245 (Monthly Rollup) 5039266 (Security Only) |
Important | Elevation of Privilege | 5037800 |
Base: 7.8 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
6.0.6003.22720 |
Yes | 5039245 5039266 |
| Windows Server 2008 for x64-based Systems Service Pack 2 | 5039245 (Monthly Rollup) 5039266 (Security Only) |
Important | Elevation of Privilege | 5037800 |
Base: 7.8 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
6.0.6003.22720 |
Yes | 5039245 5039266 |
| Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 5039245 (Monthly Rollup) 5039266 (Security Only) |
Important | Elevation of Privilege | 5037800 |
Base: 7.8 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
6.0.6003.22720 |
Yes | 5039245 5039266 |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 5039289 (Monthly Rollup) 5039274 (Security Only) |
Important | Elevation of Privilege | 5037780 |
Base: 7.8 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
6.1.7601.27170 | Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 5039289 (Monthly Rollup) 5039274 (Security Only) |
Important | Elevation of Privilege | 5037780 |
Base: 7.8 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
6.1.7601.27170 | Yes | None |
| Windows Server 2012 | 5039260 (Monthly Rollup) | Important | Elevation of Privilege | 5037778 | Base: 7.8 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
6.2.9200.24919 | Yes | None |
| Windows Server 2012 (Server Core installation) | 5039260 (Monthly Rollup) | Important | Elevation of Privilege | 5037778 | Base: 7.8 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
6.2.9200.24919 | Yes | None |
| Windows Server 2012 R2 | 5039294 (Monthly Rollup) | Important | Elevation of Privilege | 5037823 | Base: 7.8 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
6.3.9600.22023 | Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5039294 (Monthly Rollup) | Important | Elevation of Privilege | 5037823 | Base: 7.8 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
6.3.9600.22023 | Yes | None |
| Windows Server 2016 | 5039214 (Security Update) | Important | Elevation of Privilege | 5037763 | Base: 7.8 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows Server 2016 (Server Core installation) | 5039214 (Security Update) | Important | Elevation of Privilege | 5037763 | Base: 7.8 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows Server 2019 | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 7.8 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 7.8 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows Server 2022 | 5039227 (Security Update) 5039330 (Security Hotpatch Update) |
Important | Elevation of Privilege | 5037782 5037848 |
Base: 7.8 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.20348.2527 10.0.20348.2522 |
Yes | 5039227 |
| Windows Server 2022 (Server Core installation) | 5039227 (Security Update) 5039330 (Security Hotpatch Update) |
Important | Elevation of Privilege | 5037782 5037848 |
Base: 7.8 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.20348.2527 10.0.20348.2522 |
Yes | 5039227 |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5039236 (Security Update) | Important | Elevation of Privilege | 5037781 | Base: 7.8 Temporal: 7 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.25398.950 | Yes | None |
| CVE ID | Acknowledgements |
| CVE-2024-30091 | Tobias Klein |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2024-30093
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows Storage Elevation of Privilege Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7.3/TemporalScore:6.4
Executive Summary: None FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. According to the CVSS metrics, user interaction is required (UI:R) and privileges required is low (PR:L). What does that mean for this vulnerability? An authenticated attacker would need to perform specific actions on a vulnerable system, then convince another user on that system to interact with the Volume Shadow Copy functionality. Mitigations: None Workarounds: None Revision: 1.0    06/11/2024     Information published. |
Important | Elevation of Privilege | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2024-30093 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 10 for 32-bit Systems | 5039225 (Security Update) | Important | Elevation of Privilege | 5037788 | Base: 7.3 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.10240.20680 | Yes | None |
| Windows 10 for x64-based Systems | 5039225 (Security Update) | Important | Elevation of Privilege | 5037788 | Base: 7.3 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.10240.20680 | Yes | None |
| Windows 10 Version 1607 for 32-bit Systems | 5039214 (Security Update) | Important | Elevation of Privilege | 5037763 | Base: 7.3 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5039214 (Security Update) | Important | Elevation of Privilege | 5037763 | Base: 7.3 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 7.3 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows 10 Version 1809 for ARM64-based Systems | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 7.3 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 7.3 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 7.3 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.4529 |
Yes | 5039211 |
| Windows 10 Version 21H2 for ARM64-based Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 7.3 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.4529 |
Yes | 5039211 |
| Windows 10 Version 21H2 for x64-based Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 7.3 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.4529 |
Yes | 5039211 |
| Windows 10 Version 22H2 for 32-bit Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 7.3 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.4529 |
Yes | 5039211 |
| Windows 10 Version 22H2 for ARM64-based Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 7.3 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.4529 |
Yes | 5039211 |
| Windows 10 Version 22H2 for x64-based Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 7.3 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.4529 |
Yes | 5039211 |
| Windows 11 version 21H2 for ARM64-based Systems | 5039213 (Security Update) | Important | Elevation of Privilege | 5037770 |
Base: 7.3 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22000.3019 |
Yes | 5039213 |
| Windows 11 version 21H2 for x64-based Systems | 5039213 (Security Update) | Important | Elevation of Privilege | 5037770 |
Base: 7.3 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22000.3019 |
Yes | 5039213 |
| Windows 11 Version 22H2 for ARM64-based Systems | 5039212 (Security Update) | Important | Elevation of Privilege | 5037771 | Base: 7.3 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22621.3737 | Yes | None |
| Windows 11 Version 22H2 for x64-based Systems | 5039212 (Security Update) | Important | Elevation of Privilege | 5037771 | Base: 7.3 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22621.3737 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5039212 (Security Update) | Important | Elevation of Privilege | 5037771 | Base: 7.3 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22631.3737 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5039212 (Security Update) | Important | Elevation of Privilege | 5037771 | Base: 7.3 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22631.3737 | Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 | 5039245 (Monthly Rollup) 5039266 (Security Only) |
Important | Elevation of Privilege | 5037800 |
Base: 7.3 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.22720 |
Yes | 5039245 5039266 |
| Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 5039245 (Monthly Rollup) 5039266 (Security Only) |
Important | Elevation of Privilege | 5037800 |
Base: 7.3 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.22720 |
Yes | 5039245 5039266 |
| Windows Server 2008 for x64-based Systems Service Pack 2 | 5039245 (Monthly Rollup) 5039266 (Security Only) |
Important | Elevation of Privilege | 5037800 |
Base: 7.3 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.22720 |
Yes | 5039245 5039266 |
| Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 5039245 (Monthly Rollup) 5039266 (Security Only) |
Important | Elevation of Privilege | 5037800 |
Base: 7.3 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.22720 |
Yes | 5039245 5039266 |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 5039289 (Monthly Rollup) 5039274 (Security Only) |
Important | Elevation of Privilege | 5037780 |
Base: 7.3 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.1.7601.27170 | Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 5039289 (Monthly Rollup) 5039274 (Security Only) |
Important | Elevation of Privilege | 5037780 |
Base: 7.3 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.1.7601.27170 | Yes | None |
| Windows Server 2012 | 5039260 (Monthly Rollup) | Important | Elevation of Privilege | 5037778 | Base: 7.3 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.2.9200.24919 | Yes | None |
| Windows Server 2012 (Server Core installation) | 5039260 (Monthly Rollup) | Important | Elevation of Privilege | 5037778 | Base: 7.3 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.2.9200.24919 | Yes | None |
| Windows Server 2012 R2 | 5039294 (Monthly Rollup) | Important | Elevation of Privilege | 5037823 | Base: 7.3 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.3.9600.22023 | Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5039294 (Monthly Rollup) | Important | Elevation of Privilege | 5037823 | Base: 7.3 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.3.9600.22023 | Yes | None |
| Windows Server 2016 | 5039214 (Security Update) | Important | Elevation of Privilege | 5037763 | Base: 7.3 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows Server 2016 (Server Core installation) | 5039214 (Security Update) | Important | Elevation of Privilege | 5037763 | Base: 7.3 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows Server 2019 | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 7.3 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 7.3 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows Server 2022 | 5039227 (Security Update) 5039330 (Security Hotpatch Update) |
Important | Elevation of Privilege | 5037782 5037848 |
Base: 7.3 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.20348.2527 10.0.20348.2522 |
Yes | 5039227 |
| Windows Server 2022 (Server Core installation) | 5039227 (Security Update) 5039330 (Security Hotpatch Update) |
Important | Elevation of Privilege | 5037782 5037848 |
Base: 7.3 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.20348.2527 10.0.20348.2522 |
Yes | 5039227 |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5039236 (Security Update) | Important | Elevation of Privilege | 5037781 | Base: 7.3 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.25398.950 | Yes | None |
| CVE ID | Acknowledgements |
| CVE-2024-30093 | Or Yair with SafeBreach |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2024-30094
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Executive Summary: None FAQ: According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution? The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. For example, when the score indicates that the Attack Vector is Local and User Interaction is Required, this could describe an exploit in which an attacker, through social engineering, convinces a victim to download and open a specially crafted file from a website which leads to a local attack on their computer. Mitigations: None Workarounds: None Revision: 1.0    06/11/2024     Information published. |
Important | Remote Code Execution | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2024-30094 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 10 for 32-bit Systems | 5039225 (Security Update) | Important | Remote Code Execution | 5037788 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.10240.20680 | Yes | None |
| Windows 10 for x64-based Systems | 5039225 (Security Update) | Important | Remote Code Execution | 5037788 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.10240.20680 | Yes | None |
| Windows 10 Version 1607 for 32-bit Systems | 5039214 (Security Update) | Important | Remote Code Execution | 5037763 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5039214 (Security Update) | Important | Remote Code Execution | 5037763 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5039217 (Security Update) | Important | Remote Code Execution | 5037765 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows 10 Version 1809 for ARM64-based Systems | 5039217 (Security Update) | Important | Remote Code Execution | 5037765 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5039217 (Security Update) | Important | Remote Code Execution | 5037765 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5039211 (Security Update) | Important | Remote Code Execution | 5037768 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.4529 |
Yes | 5039211 |
| Windows 10 Version 21H2 for ARM64-based Systems | 5039211 (Security Update) | Important | Remote Code Execution | 5037768 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.4529 |
Yes | 5039211 |
| Windows 10 Version 21H2 for x64-based Systems | 5039211 (Security Update) | Important | Remote Code Execution | 5037768 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.4529 |
Yes | 5039211 |
| Windows 10 Version 22H2 for 32-bit Systems | 5039211 (Security Update) | Important | Remote Code Execution | 5037768 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.4529 |
Yes | 5039211 |
| Windows 10 Version 22H2 for ARM64-based Systems | 5039211 (Security Update) | Important | Remote Code Execution | 5037768 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.4529 |
Yes | 5039211 |
| Windows 10 Version 22H2 for x64-based Systems | 5039211 (Security Update) | Important | Remote Code Execution | 5037768 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.4529 |
Yes | 5039211 |
| Windows 11 version 21H2 for ARM64-based Systems | 5039213 (Security Update) | Important | Remote Code Execution | 5037770 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22000.3019 |
Yes | 5039213 |
| Windows 11 version 21H2 for x64-based Systems | 5039213 (Security Update) | Important | Remote Code Execution | 5037770 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22000.3019 |
Yes | 5039213 |
| Windows 11 Version 22H2 for ARM64-based Systems | 5039212 (Security Update) | Important | Remote Code Execution | 5037771 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22621.3737 | Yes | None |
| Windows 11 Version 22H2 for x64-based Systems | 5039212 (Security Update) | Important | Remote Code Execution | 5037771 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22621.3737 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5039212 (Security Update) | Important | Remote Code Execution | 5037771 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22631.3737 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5039212 (Security Update) | Important | Remote Code Execution | 5037771 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22631.3737 | Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 | 5039245 (Monthly Rollup) 5039266 (Security Only) |
Important | Remote Code Execution | 5037800 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.22720 |
Yes | 5039245 5039266 |
| Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 5039245 (Monthly Rollup) 5039266 (Security Only) |
Important | Remote Code Execution | 5037800 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.22720 |
Yes | 5039245 5039266 |
| Windows Server 2008 for x64-based Systems Service Pack 2 | 5039245 (Monthly Rollup) 5039266 (Security Only) |
Important | Remote Code Execution | 5037800 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.22720 |
Yes | 5039245 5039266 |
| Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 5039245 (Monthly Rollup) 5039266 (Security Only) |
Important | Remote Code Execution | 5037800 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.22720 |
Yes | 5039245 5039266 |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 5039289 (Monthly Rollup) 5039274 (Security Only) |
Important | Remote Code Execution | 5037780 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.1.7601.27170 | Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 5039289 (Monthly Rollup) 5039274 (Security Only) |
Important | Remote Code Execution | 5037780 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.1.7601.27170 | Yes | None |
| Windows Server 2012 | 5039260 (Monthly Rollup) | Important | Remote Code Execution | 5037778 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.2.9200.24919 | Yes | None |
| Windows Server 2012 (Server Core installation) | 5039260 (Monthly Rollup) | Important | Remote Code Execution | 5037778 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.2.9200.24919 | Yes | None |
| Windows Server 2012 R2 | 5039294 (Monthly Rollup) | Important | Remote Code Execution | 5037823 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.3.9600.22023 | Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5039294 (Monthly Rollup) | Important | Remote Code Execution | 5037823 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.3.9600.22023 | Yes | None |
| Windows Server 2016 | 5039214 (Security Update) | Important | Remote Code Execution | 5037763 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows Server 2016 (Server Core installation) | 5039214 (Security Update) | Important | Remote Code Execution | 5037763 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows Server 2019 | 5039217 (Security Update) | Important | Remote Code Execution | 5037765 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5039217 (Security Update) | Important | Remote Code Execution | 5037765 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows Server 2022 | 5039227 (Security Update) 5039330 (Security Hotpatch Update) |
Important | Remote Code Execution | 5037782 5037848 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.20348.2527 10.0.20348.2522 |
Yes | 5039227 |
| Windows Server 2022 (Server Core installation) | 5039227 (Security Update) 5039330 (Security Hotpatch Update) |
Important | Remote Code Execution | 5037782 5037848 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.20348.2527 10.0.20348.2522 |
Yes | 5039227 |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5039236 (Security Update) | Important | Remote Code Execution | 5037781 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.25398.950 | Yes | None |
| CVE ID | Acknowledgements |
| CVE-2024-30094 | Anonymous |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2024-30095
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Executive Summary: None FAQ: According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution? The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. For example, when the score indicates that the Attack Vector is Local and User Interaction is Required, this could describe an exploit in which an attacker, through social engineering, convinces a victim to download and open a specially crafted file from a website which leads to a local attack on their computer. Mitigations: None Workarounds: None Revision: 1.0    06/11/2024     Information published. |
Important | Remote Code Execution | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2024-30095 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 10 for 32-bit Systems | 5039225 (Security Update) | Important | Remote Code Execution | 5037788 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.10240.20680 | Yes | None |
| Windows 10 for x64-based Systems | 5039225 (Security Update) | Important | Remote Code Execution | 5037788 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.10240.20680 | Yes | None |
| Windows 10 Version 1607 for 32-bit Systems | 5039214 (Security Update) | Important | Remote Code Execution | 5037763 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5039214 (Security Update) | Important | Remote Code Execution | 5037763 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5039217 (Security Update) | Important | Remote Code Execution | 5037765 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows 10 Version 1809 for ARM64-based Systems | 5039217 (Security Update) | Important | Remote Code Execution | 5037765 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5039217 (Security Update) | Important | Remote Code Execution | 5037765 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5039211 (Security Update) | Important | Remote Code Execution | 5037768 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.4529 |
Yes | 5039211 |
| Windows 10 Version 21H2 for ARM64-based Systems | 5039211 (Security Update) | Important | Remote Code Execution | 5037768 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.4529 |
Yes | 5039211 |
| Windows 10 Version 21H2 for x64-based Systems | 5039211 (Security Update) | Important | Remote Code Execution | 5037768 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.4529 |
Yes | 5039211 |
| Windows 10 Version 22H2 for 32-bit Systems | 5039211 (Security Update) | Important | Remote Code Execution | 5037768 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.4529 |
Yes | 5039211 |
| Windows 10 Version 22H2 for ARM64-based Systems | 5039211 (Security Update) | Important | Remote Code Execution | 5037768 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.4529 |
Yes | 5039211 |
| Windows 10 Version 22H2 for x64-based Systems | 5039211 (Security Update) | Important | Remote Code Execution | 5037768 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.4529 |
Yes | 5039211 |
| Windows 11 version 21H2 for ARM64-based Systems | 5039213 (Security Update) | Important | Remote Code Execution | 5037770 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22000.3019 |
Yes | 5039213 |
| Windows 11 version 21H2 for x64-based Systems | 5039213 (Security Update) | Important | Remote Code Execution | 5037770 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22000.3019 |
Yes | 5039213 |
| Windows 11 Version 22H2 for ARM64-based Systems | 5039212 (Security Update) | Important | Remote Code Execution | 5037771 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22621.3737 | Yes | None |
| Windows 11 Version 22H2 for x64-based Systems | 5039212 (Security Update) | Important | Remote Code Execution | 5037771 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22621.3737 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5039212 (Security Update) | Important | Remote Code Execution | 5037771 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22631.3737 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5039212 (Security Update) | Important | Remote Code Execution | 5037771 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22631.3737 | Yes | None |
| Windows Server 2008 for 32-bit Systems Service Pack 2 | 5039245 (Monthly Rollup) 5039266 (Security Only) |
Important | Remote Code Execution | 5037800 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.22720 |
Yes | 5039245 5039266 |
| Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) | 5039245 (Monthly Rollup) 5039266 (Security Only) |
Important | Remote Code Execution | 5037800 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.22720 |
Yes | 5039245 5039266 |
| Windows Server 2008 for x64-based Systems Service Pack 2 | 5039245 (Monthly Rollup) 5039266 (Security Only) |
Important | Remote Code Execution | 5037800 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.22720 |
Yes | 5039245 5039266 |
| Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) | 5039245 (Monthly Rollup) 5039266 (Security Only) |
Important | Remote Code Execution | 5037800 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.0.6003.22720 |
Yes | 5039245 5039266 |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 | 5039289 (Monthly Rollup) 5039274 (Security Only) |
Important | Remote Code Execution | 5037780 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.1.7601.27170 | Yes | None |
| Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) | 5039289 (Monthly Rollup) 5039274 (Security Only) |
Important | Remote Code Execution | 5037780 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.1.7601.27170 | Yes | None |
| Windows Server 2012 | 5039260 (Monthly Rollup) | Important | Remote Code Execution | 5037778 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.2.9200.24919 | Yes | None |
| Windows Server 2012 (Server Core installation) | 5039260 (Monthly Rollup) | Important | Remote Code Execution | 5037778 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.2.9200.24919 | Yes | None |
| Windows Server 2012 R2 | 5039294 (Monthly Rollup) | Important | Remote Code Execution | 5037823 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.3.9600.22023 | Yes | None |
| Windows Server 2012 R2 (Server Core installation) | 5039294 (Monthly Rollup) | Important | Remote Code Execution | 5037823 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
6.3.9600.22023 | Yes | None |
| Windows Server 2016 | 5039214 (Security Update) | Important | Remote Code Execution | 5037763 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows Server 2016 (Server Core installation) | 5039214 (Security Update) | Important | Remote Code Execution | 5037763 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows Server 2019 | 5039217 (Security Update) | Important | Remote Code Execution | 5037765 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5039217 (Security Update) | Important | Remote Code Execution | 5037765 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows Server 2022 | 5039227 (Security Update) 5039330 (Security Hotpatch Update) |
Important | Remote Code Execution | 5037782 5037848 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.20348.2527 10.0.20348.2522 |
Yes | 5039227 |
| Windows Server 2022 (Server Core installation) | 5039227 (Security Update) 5039330 (Security Hotpatch Update) |
Important | Remote Code Execution | 5037782 5037848 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.20348.2527 10.0.20348.2522 |
Yes | 5039227 |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5039236 (Security Update) | Important | Remote Code Execution | 5037781 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.25398.950 | Yes | None |
| CVE ID | Acknowledgements |
| CVE-2024-30095 | Anonymous |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2024-30096
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows Cryptographic Services Information Disclosure Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:5.5/TemporalScore:4.8
Executive Summary: None FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is Windows cryptographic secrets. What type of information could be disclosed by this vulnerability? An attacker who successfully exploited this vulnerability could disclose sensitive information such as KeyGuard (KG) keys, which are intended to be per-boot and used to protect sensitive data. If an attacker can persist these keys, they could potentially decrypt any information that was encrypted with the KG key, leading to the exposure of a wide range of sensitive and confidential information. Mitigations: None Workarounds: None Revision: 1.0    06/11/2024     Information published. |
Important | Information Disclosure | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2024-30096 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 10 Version 1809 for 32-bit Systems | 5039217 (Security Update) | Important | Information Disclosure | 5037765 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows 10 Version 1809 for ARM64-based Systems | 5039217 (Security Update) | Important | Information Disclosure | 5037765 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5039217 (Security Update) | Important | Information Disclosure | 5037765 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5039211 (Security Update) | Important | Information Disclosure | 5037768 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19044.4529 |
Yes | 5039211 |
| Windows 10 Version 21H2 for ARM64-based Systems | 5039211 (Security Update) | Important | Information Disclosure | 5037768 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19044.4529 |
Yes | 5039211 |
| Windows 10 Version 21H2 for x64-based Systems | 5039211 (Security Update) | Important | Information Disclosure | 5037768 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19044.4529 |
Yes | 5039211 |
| Windows 10 Version 22H2 for 32-bit Systems | 5039211 (Security Update) | Important | Information Disclosure | 5037768 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19045.4529 |
Yes | 5039211 |
| Windows 10 Version 22H2 for ARM64-based Systems | 5039211 (Security Update) | Important | Information Disclosure | 5037768 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19045.4529 |
Yes | 5039211 |
| Windows 10 Version 22H2 for x64-based Systems | 5039211 (Security Update) | Important | Information Disclosure | 5037768 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.19045.4529 |
Yes | 5039211 |
| Windows 11 version 21H2 for ARM64-based Systems | 5039213 (Security Update) | Important | Information Disclosure | 5037770 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22000.3019 |
Yes | 5039213 |
| Windows 11 version 21H2 for x64-based Systems | 5039213 (Security Update) | Important | Information Disclosure | 5037770 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22000.3019 |
Yes | 5039213 |
| Windows 11 Version 22H2 for ARM64-based Systems | 5039212 (Security Update) | Important | Information Disclosure | 5037771 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22621.3737 | Yes | None |
| Windows 11 Version 22H2 for x64-based Systems | 5039212 (Security Update) | Important | Information Disclosure | 5037771 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22621.3737 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5039212 (Security Update) | Important | Information Disclosure | 5037771 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22631.3737 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5039212 (Security Update) | Important | Information Disclosure | 5037771 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.22631.3737 | Yes | None |
| Windows Server 2019 | 5039217 (Security Update) | Important | Information Disclosure | 5037765 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5039217 (Security Update) | Important | Information Disclosure | 5037765 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows Server 2022 | 5039227 (Security Update) 5039330 (Security Hotpatch Update) |
Important | Information Disclosure | 5037782 5037848 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.20348.2527 10.0.20348.2522 |
Yes | 5039227 |
| Windows Server 2022 (Server Core installation) | 5039227 (Security Update) 5039330 (Security Hotpatch Update) |
Important | Information Disclosure | 5037782 5037848 |
Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.20348.2527 10.0.20348.2522 |
Yes | 5039227 |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5039236 (Security Update) | Important | Information Disclosure | 5037781 | Base: 5.5 Temporal: 4.8 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
10.0.25398.950 | Yes | None |
| CVE ID | Acknowledgements |
| CVE-2024-30096 | Brandon Zhang and Mohsen Mohammadi with Microsoft |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2024-30097
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Microsoft Speech Application Programming Interface (SAPI) Remote Code Execution Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Executive Summary: None FAQ: According to the CVSS metric, user interaction is required (UI:R) and privileges required are none (PR:N). What does that mean for this vulnerability? An unauthorized attacker must wait for a user to initiate a connection. How could an attacker exploit this vulnerability? An attacker could exploit a double free vulnerability within the OS SAPI component to cause a denial of service or execute arbitrary code, compromising system integrity and availability. According to the CVSS metric, the attack vector is network (AV:N) and the user interaction is required (UI:R). What is the target context of the remote code execution? This attack requires an authenticated client to click a link in order in for an unauthenticated attacker to initiate remote code execution. Mitigations: None Workarounds: None Revision: 1.0    06/11/2024     Information published. |
Important | Remote Code Execution | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2024-30097 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 10 for 32-bit Systems | 5039225 (Security Update) | Important | Remote Code Execution | 5037788 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.10240.20680 | Yes | None |
| Windows 10 for x64-based Systems | 5039225 (Security Update) | Important | Remote Code Execution | 5037788 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.10240.20680 | Yes | None |
| Windows 10 Version 1607 for 32-bit Systems | 5039214 (Security Update) | Important | Remote Code Execution | 5037763 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5039214 (Security Update) | Important | Remote Code Execution | 5037763 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5039217 (Security Update) | Important | Remote Code Execution | 5037765 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows 10 Version 1809 for ARM64-based Systems | 5039217 (Security Update) | Important | Remote Code Execution | 5037765 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5039217 (Security Update) | Important | Remote Code Execution | 5037765 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5039211 (Security Update) | Important | Remote Code Execution | 5037768 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.4529 |
Yes | 5039211 |
| Windows 10 Version 21H2 for ARM64-based Systems | 5039211 (Security Update) | Important | Remote Code Execution | 5037768 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.4529 |
Yes | 5039211 |
| Windows 10 Version 21H2 for x64-based Systems | 5039211 (Security Update) | Important | Remote Code Execution | 5037768 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.4529 |
Yes | 5039211 |
| Windows 10 Version 22H2 for 32-bit Systems | 5039211 (Security Update) | Important | Remote Code Execution | 5037768 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.4529 |
Yes | 5039211 |
| Windows 10 Version 22H2 for ARM64-based Systems | 5039211 (Security Update) | Important | Remote Code Execution | 5037768 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.4529 |
Yes | 5039211 |
| Windows 10 Version 22H2 for x64-based Systems | 5039211 (Security Update) | Important | Remote Code Execution | 5037768 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.4529 |
Yes | 5039211 |
| Windows 11 version 21H2 for ARM64-based Systems | 5039213 (Security Update) | Important | Remote Code Execution | 5037770 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22000.3019 |
Yes | 5039213 |
| Windows 11 version 21H2 for x64-based Systems | 5039213 (Security Update) | Important | Remote Code Execution | 5037770 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22000.3019 |
Yes | 5039213 |
| Windows 11 Version 22H2 for ARM64-based Systems | 5039212 (Security Update) | Important | Remote Code Execution | 5037771 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22621.3737 | Yes | None |
| Windows 11 Version 22H2 for x64-based Systems | 5039212 (Security Update) | Important | Remote Code Execution | 5037771 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22621.3737 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5039212 (Security Update) | Important | Remote Code Execution | 5037771 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22631.3737 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5039212 (Security Update) | Important | Remote Code Execution | 5037771 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22631.3737 | Yes | None |
| Windows Server 2016 | 5039214 (Security Update) | Important | Remote Code Execution | 5037763 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows Server 2016 (Server Core installation) | 5039214 (Security Update) | Important | Remote Code Execution | 5037763 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows Server 2019 | 5039217 (Security Update) | Important | Remote Code Execution | 5037765 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5039217 (Security Update) | Important | Remote Code Execution | 5037765 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows Server 2022 | 5039227 (Security Update) 5039330 (Security Hotpatch Update) |
Important | Remote Code Execution | 5037782 5037848 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.20348.2527 10.0.20348.2522 |
Yes | 5039227 |
| Windows Server 2022 (Server Core installation) | 5039227 (Security Update) 5039330 (Security Hotpatch Update) |
Important | Remote Code Execution | 5037782 5037848 |
Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.20348.2527 10.0.20348.2522 |
Yes | 5039227 |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5039236 (Security Update) | Important | Remote Code Execution | 5037781 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.25398.950 | Yes | None |
| CVE ID | Acknowledgements |
| CVE-2024-30097 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2024-30099
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows Kernel Elevation of Privilege Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7/TemporalScore:6.3
Executive Summary: None FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to win a race condition. Mitigations: None Workarounds: None Revision: 1.0    06/11/2024     Information published. |
Important | Elevation of Privilege | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation More Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2024-30099 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 10 for 32-bit Systems | 5039225 (Security Update) | Important | Elevation of Privilege | 5037788 | Base: 7 Temporal: 6.3 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.10240.20680 | Yes | None |
| Windows 10 for x64-based Systems | 5039225 (Security Update) | Important | Elevation of Privilege | 5037788 | Base: 7 Temporal: 6.3 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.10240.20680 | Yes | None |
| Windows 10 Version 1607 for 32-bit Systems | 5039214 (Security Update) | Important | Elevation of Privilege | 5037763 | Base: 7 Temporal: 6.3 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows 10 Version 1607 for x64-based Systems | 5039214 (Security Update) | Important | Elevation of Privilege | 5037763 | Base: 7 Temporal: 6.3 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows 10 Version 1809 for 32-bit Systems | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 7 Temporal: 6.3 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows 10 Version 1809 for ARM64-based Systems | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 7 Temporal: 6.3 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 7 Temporal: 6.3 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 7 Temporal: 6.3 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.19044.4529 |
Yes | 5039211 |
| Windows 10 Version 21H2 for ARM64-based Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 7 Temporal: 6.3 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.19044.4529 |
Yes | 5039211 |
| Windows 10 Version 21H2 for x64-based Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 7 Temporal: 6.3 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.19044.4529 |
Yes | 5039211 |
| Windows 10 Version 22H2 for 32-bit Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 7 Temporal: 6.3 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.19045.4529 |
Yes | 5039211 |
| Windows 10 Version 22H2 for ARM64-based Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 7 Temporal: 6.3 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.19045.4529 |
Yes | 5039211 |
| Windows 10 Version 22H2 for x64-based Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 7 Temporal: 6.3 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.19045.4529 |
Yes | 5039211 |
| Windows 11 version 21H2 for ARM64-based Systems | 5039213 (Security Update) | Important | Elevation of Privilege | 5037770 |
Base: 7 Temporal: 6.3 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.22000.3019 |
Yes | 5039213 |
| Windows 11 version 21H2 for x64-based Systems | 5039213 (Security Update) | Important | Elevation of Privilege | 5037770 |
Base: 7 Temporal: 6.3 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.22000.3019 |
Yes | 5039213 |
| Windows 11 Version 22H2 for ARM64-based Systems | 5039212 (Security Update) | Important | Elevation of Privilege | 5037771 | Base: 7 Temporal: 6.3 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.22621.3737 | Yes | None |
| Windows 11 Version 22H2 for x64-based Systems | 5039212 (Security Update) | Important | Elevation of Privilege | 5037771 | Base: 7 Temporal: 6.3 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.22621.3737 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5039212 (Security Update) | Important | Elevation of Privilege | 5037771 | Base: 7 Temporal: 6.3 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.22631.3737 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5039212 (Security Update) | Important | Elevation of Privilege | 5037771 | Base: 7 Temporal: 6.3 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.22631.3737 | Yes | None |
| Windows Server 2016 | 5039214 (Security Update) | Important | Elevation of Privilege | 5037763 | Base: 7 Temporal: 6.3 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows Server 2016 (Server Core installation) | 5039214 (Security Update) | Important | Elevation of Privilege | 5037763 | Base: 7 Temporal: 6.3 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.14393.7070 | Yes | None |
| Windows Server 2019 | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 7 Temporal: 6.3 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 7 Temporal: 6.3 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows Server 2022 | 5039227 (Security Update) 5039330 (Security Hotpatch Update) |
Important | Elevation of Privilege | 5037782 5037848 |
Base: 7 Temporal: 6.3 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.20348.2527 10.0.20348.2522 |
Yes | 5039227 |
| Windows Server 2022 (Server Core installation) | 5039227 (Security Update) 5039330 (Security Hotpatch Update) |
Important | Elevation of Privilege | 5037782 5037848 |
Base: 7 Temporal: 6.3 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.20348.2527 10.0.20348.2522 |
Yes | 5039227 |
| Windows Server 2022, 23H2 Edition (Server Core installation) | 5039236 (Security Update) | Important | Elevation of Privilege | 5037781 | Base: 7 Temporal: 6.3 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
10.0.25398.950 | Yes | None |
| CVE ID | Acknowledgements |
| CVE-2024-30099 | George Hughey with MSRC Vulnerabilities and Mitigations |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2024-30100
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Microsoft SharePoint Server Remote Code Execution Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Executive Summary: None FAQ: According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution? The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. For example, when the score indicates that the Attack Vector is Local and User Interaction is Required, this could describe an exploit in which an attacker, through social engineering, convinces a victim to download and open a specially crafted file from a website which leads to a local attack on their computer. Mitigations: None Workarounds: None Revision: 1.0    06/11/2024     Information published. |
Important | Remote Code Execution | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2024-30100 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Microsoft SharePoint Enterprise Server 2016 | 5002604 (Security Update) | Important | Remote Code Execution | 5002598 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
16.0.5452.1000 | Maybe | None |
| Microsoft SharePoint Server 2019 | 5002602 (Security Update) | Important | Remote Code Execution | 5002596 | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
16.0.10411.20004 | Maybe | None |
| Microsoft SharePoint Server Subscription Edition | 5002603 (Security Update) | Important | Remote Code Execution | None | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
16.0.17328.20362 | Maybe | None |
| CVE ID | Acknowledgements |
| CVE-2024-30100 | cjM00n & Edwardzpeng |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2024-30101
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Microsoft Office Remote Code Execution Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:6.5
Executive Summary: None FAQ: According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do? Successful exploitation of this vulnerability requires a user to open a malicious email with an affected version of Microsoft Outlook and then perform specific actions to trigger the vulnerability. According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to win a race condition. Is the Preview Pane an attack vector for this vulnerability? Yes. The Preview Pane is an attack vector, but additional user interaction is required. Mitigations: None Workarounds: None Revision: 1.0    06/11/2024     Information published. |
Important | Remote Code Execution | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2024-30101 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Microsoft 365 Apps for Enterprise for 32-bit Systems | Click to Run (Security Update) | Important | Remote Code Execution | None | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft 365 Apps for Enterprise for 64-bit Systems | Click to Run (Security Update) | Important | Remote Code Execution | None | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office 2016 (32-bit edition) | 5002591 (Security Update) 5002575 (Security Update) |
Important | Remote Code Execution | 5002537 5002467 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
16.0.5452.1000 | Maybe | None |
| Microsoft Office 2016 (64-bit edition) | 5002591 (Security Update) 5002575 (Security Update) |
Important | Remote Code Execution | 5002537 5002467 |
Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
16.0.5452.1000 | Maybe | None |
| Microsoft Office 2019 for 32-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | None | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office 2019 for 64-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | None | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office LTSC 2021 for 32-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | None | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office LTSC 2021 for 64-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | None | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases | No | None |
| CVE ID | Acknowledgements |
| CVE-2024-30101 | 849db8e253fb723f1bb056416bce0922 |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2024-30102
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Microsoft Office Remote Code Execution Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7.3/TemporalScore:6.4
Executive Summary: None FAQ: According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution? The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. For example, when the score indicates that the Attack Vector is Local and User Interaction is Required, this could describe an exploit in which an attacker, through social engineering, convinces a victim to download and open a specially crafted file from a website which leads to a local attack on their computer. Is the Preview Pane an attack vector for this vulnerability? No, the Preview Pane is not an attack vector. Mitigations: None Workarounds: None Revision: 1.0    06/11/2024     Information published. |
Important | Remote Code Execution | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2024-30102 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Microsoft 365 Apps for Enterprise for 32-bit Systems | Click to Run (Security Update) | Important | Remote Code Execution | None | Base: 7.3 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft 365 Apps for Enterprise for 64-bit Systems | Click to Run (Security Update) | Important | Remote Code Execution | None | Base: 7.3 Temporal: 6.4 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases | No | None |
| CVE ID | Acknowledgements |
| CVE-2024-30102 | Quan Jin with DBAPPSecurity WeBin Lab |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2024-30103
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Microsoft Outlook Remote Code Execution Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Executive Summary: None FAQ: Is the Preview Pane an attack vector for this vulnerability? Yes, the Preview Pane is an attack vector. According to the CVSS metric, privileges required is low (PR:L). What does that mean for this vulnerability? The attacker must be authenticated using valid Exchange user credentials. How could an attacker exploit this vulnerability? An attacker who successfully exploited this vulnerability could bypass Outlook registry block lists and enable the creation of malicious DLL files. Mitigations: None Workarounds: None Revision: 1.0    06/11/2024     Information published. |
Important | Remote Code Execution | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2024-30103 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Microsoft 365 Apps for Enterprise for 32-bit Systems | Click to Run (Security Update) | Important | Remote Code Execution | None | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft 365 Apps for Enterprise for 64-bit Systems | Click to Run (Security Update) | Important | Remote Code Execution | None | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office 2019 for 32-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | None | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office 2019 for 64-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | None | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office LTSC 2021 for 32-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | None | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office LTSC 2021 for 64-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | None | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Outlook 2016 (32-bit edition) | 5002600 (Security Update) | Important | Remote Code Execution | 5002543 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
16.0.5452.1000 | Maybe | None |
| Microsoft Outlook 2016 (64-bit edition) | 5002600 (Security Update) | Important | Remote Code Execution | 5002543 | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
16.0.5452.1000 | Maybe | None |
| CVE ID | Acknowledgements |
| CVE-2024-30103 | Arnold Osipov with Morphisec Shmuel Uzan with Morphisec Michael Gorelik with Morphisec |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2024-30104
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Microsoft Office Remote Code Execution Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7.8/TemporalScore:6.8
Executive Summary: None FAQ: According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution? The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability. According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do? An attacker must send the user a malicious file and convince them to open it. Is the Preview Pane an attack vector for this vulnerability? No, the Preview Pane is not an attack vector. Mitigations: None Workarounds: None Revision: 1.0    06/11/2024     Information published. |
Important | Remote Code Execution | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2024-30104 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Microsoft 365 Apps for Enterprise for 32-bit Systems | Click to Run (Security Update) | Important | Remote Code Execution | None | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft 365 Apps for Enterprise for 64-bit Systems | Click to Run (Security Update) | Important | Remote Code Execution | None | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office 2016 (32-bit edition) | 5002591 (Security Update) 5002575 (Security Update) |
Important | Remote Code Execution | 5002537 5002467 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
16.0.5452.1000 | Maybe | None |
| Microsoft Office 2016 (64-bit edition) | 5002591 (Security Update) 5002575 (Security Update) |
Important | Remote Code Execution | 5002537 5002467 |
Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
16.0.5452.1000 | Maybe | None |
| Microsoft Office 2019 for 32-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | None | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office 2019 for 64-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | None | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office LTSC 2021 for 32-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | None | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases | No | None |
| Microsoft Office LTSC 2021 for 64-bit editions | Click to Run (Security Update) | Important | Remote Code Execution | None | Base: 7.8 Temporal: 6.8 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
https://aka.ms/OfficeSecurityReleases | No | None |
| CVE ID | Acknowledgements |
| CVE-2024-30104 | Luke Papandrea, Microsoft Corporation |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2024-35248
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7.3/TemporalScore:6.4
Executive Summary: None FAQ: According to the CVSS metrics, successful exploitation of this vulnerability could lead to minor loss of confidentiality (C:L), integrity (I:L) and availability (A:L). What does that mean for this vulnerability? While we cannot rule out the impact to Confidentiality, Integrity, and Availability, the ability to exploit this vulnerability by itself is limited. An attacker would need to combine this with other vulnerabilities to perform an attack. What privileges could be gained by an attacker who successfully exploited the vulnerability? The attacker would gain the rights of the user that is running the affected application. Mitigations: None Workarounds: None Revision: 1.0    06/11/2024     Information published. |
Important | Elevation of Privilege | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2024-35248 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Microsoft Dynamics 365 Business Central 2023 Release Wave 1 | 5038529 (Security Update) | Important | Elevation of Privilege | None | Base: 7.3 Temporal: 6.4 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C |
Application Build 22.13.64344, Platform Build 22.0 | Maybe | None |
| Microsoft Dynamics 365 Business Central 2023 Release Wave 2 | 5038530 (Security Update) | Important | Elevation of Privilege | None | Base: 7.3 Temporal: 6.4 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C |
Application Build 23.7.18957, Platform Build 23.0. | Maybe | None |
| Microsoft Dynamics 365 Business Central 2024 Release Wave 1 | 5038531 (Security Update) | Important | Elevation of Privilege | None | Base: 7.3 Temporal: 6.4 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C |
Application Build 24.1.19498, Platform Build 24.0. | Maybe | None |
| CVE ID | Acknowledgements |
| CVE-2024-35248 | Dr. Florian Hauser @frycos with CODE WHITE GmbH |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2024-35249
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Microsoft Dynamics 365 Business Central Remote Code Execution Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:8.8/TemporalScore:7.7
Executive Summary: None FAQ: According to the CVSS metric, privileges required is low (PR:L). What does that mean for this vulnerability? Any authenticated attacker could trigger this vulnerability. It does not require admin or other elevated privileges. Mitigations: None Workarounds: None Revision: 1.0    06/11/2024     Information published. |
Important | Remote Code Execution | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2024-35249 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Microsoft Dynamics 365 Business Central 2023 Release Wave 1 | 5038529 (Security Update) | Important | Remote Code Execution | None | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
Application Build 22.13.64344, Platform Build 22.0 | Maybe | None |
| Microsoft Dynamics 365 Business Central 2023 Release Wave 2 | 5038530 (Security Update) | Important | Remote Code Execution | None | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
Application Build 23.7.18957, Platform Build 23.0. | Maybe | None |
| Microsoft Dynamics 365 Business Central 2024 Release Wave 1 | 5038531 (Security Update) | Important | Remote Code Execution | None | Base: 8.8 Temporal: 7.7 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
Application Build 24.1.19498, Platform Build 24.0. | Maybe | None |
| CVE ID | Acknowledgements |
| CVE-2024-35249 | Dr. Florian Hauser @frycos with CODE WHITE GmbH |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2024-35252
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Azure Storage Movement Client Library Denial of Service Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7.5/TemporalScore:6.5
Executive Summary: None FAQ: None Mitigations: None Workarounds: None Revision: 1.0    06/11/2024     Information published. |
Important | Denial of Service | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2024-35252 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Storage Movement Client Library for .NET | Release Notes (Security Update) | Important | Denial of Service | None | Base: 7.5 Temporal: 6.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C |
2.0.5 | Maybe | None |
| CVE ID | Acknowledgements |
| CVE-2024-35252 | Anonymous |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2024-35253
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Microsoft Azure File Sync Elevation of Privilege Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:4.4/TemporalScore:4.2
Executive Summary: None FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to win a race condition. According to the CVSS metric, privileges required is low (PR:L). What does that mean for this vulnerability? Any authenticated attacker could trigger this vulnerability. It does not require admin or other elevated privileges. What privileges could be gained by an attacker who successfully exploited the vulnerability? Exploiting this vulnerability would allow the attacker to perform arbitrary deletion of files that are not accessible to unprivileged users on the victim machine. According to the CVSS metric, user interaction is Required (UI:R). What does that mean for this vulnerability? The successful exploitation of this vulnerability requires a user with administrator privileges to perform specific operations on the endpoint targeted by the attacker. Mitigations: None Workarounds: None Revision: 1.0    06/11/2024     Information published. |
Important | Elevation of Privilege | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2024-35253 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure File Sync v16.0 | 5039814 (Security Update) | Important | Elevation of Privilege | None | Base: 4.4 Temporal: 4.2 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N/E:H/RL:O/RC:C |
17.3 | Maybe | None |
| Azure File Sync v17.0 | 5039814 (Security Update) | Important | Elevation of Privilege | None | Base: 4.4 Temporal: 4.2 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N/E:H/RL:O/RC:C |
17.3 | Maybe | None |
| Azure File Sync v18.0 | 5023058 (Security Update) | Important | Elevation of Privilege | None | Base: 4.4 Temporal: 4.2 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N/E:H/RL:O/RC:C |
18.1 | Maybe | None |
| CVE ID | Acknowledgements |
| CVE-2024-35253 | 3wyeye5 with OSR Fangming Gu with OSR chino71 with OSR |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2024-35254
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Azure Monitor Agent Elevation of Privilege Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7.1/TemporalScore:6.2
Executive Summary: None FAQ: What actions do customers need to take to protect themselves from this vulnerability? Customers who have disabled Automatic Extension Upgrades or would like to upgrade an extension immediately must manually update their Azure Monitor Agent to the latest version. For more information on how to perform a manual update, see Manage Azure Monitor Agent. How could an attacker exploit this vulnerability and what privileges could an attacker gain? An authenticated attacker with read access permissions can exploit this vulnerability to perform arbitrary file and folder deletion on the host where the Azure Monitor Agent is installed. According to the CVSS metrics, successful exploitation of this vulnerability could lead to no loss of confidentiality (C:N) but have major impact on integrity (I:H) and on availability (A:H). What does that mean for this vulnerability? This vulnerability does not allow disclosure of any confidential information, but could allow an attacker to delete data that could include data that results in the service being unavailable. Mitigations: None Workarounds: None Revision: 1.0    06/11/2024     Information published. |
Important | Elevation of Privilege | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2024-35254 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Monitor Agent | Release Notes (Security Update) | Important | Elevation of Privilege | None | Base: 7.1 Temporal: 6.2 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H/E:U/RL:O/RC:C |
1.26.0 | Maybe | None |
| CVE ID | Acknowledgements |
| CVE-2024-35254 | R4nger & Zhiniang Peng |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2024-35263
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:5.7/TemporalScore:5
Executive Summary: None FAQ: According to the CVSS metric, privileges required is low (PR:L). What does that mean for this vulnerability? Any authenticated attacker could trigger this vulnerability. It does not require admin or other elevated privileges. What type of information could be disclosed by this vulnerability? This vulnerability allows exfiltration of all the data that the logged-in user can access. Mitigations: None Workarounds: None Revision: 1.0    06/11/2024     Information published. |
Important | Information Disclosure | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2024-35263 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Microsoft Dynamics 365 (on-premises) version 9.1 | 5039459 (Security Update) | Important | Information Disclosure | None | Base: 5.7 Temporal: 5 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C |
1.29 | Maybe | None |
| CVE ID | Acknowledgements |
| CVE-2024-35263 | Erik Donker |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2024-35265
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Windows Perception Service Elevation of Privilege Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:7/TemporalScore:6.1
Executive Summary: None FAQ: What privileges could be gained by an attacker who successfully exploited the vulnerability? An attacker who successfully exploited this vulnerability could create or delete files in the security context of the “NT AUTHORITY\ LOCAL SERVICE” account. According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to win a race condition. According to the CVSS metric, privileges required is Low (PR:L). What does that mean for this vulnerability? To exploit this vulnerability an attacker must have an account with the User role assigned. Mitigations: None Workarounds: None Revision: 1.0    06/11/2024     Information published. |
Important | Elevation of Privilege | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2024-35265 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Windows 10 Version 1809 for 32-bit Systems | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows 10 Version 1809 for ARM64-based Systems | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows 10 Version 1809 for x64-based Systems | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows 10 Version 21H2 for 32-bit Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.4529 |
Yes | 5039211 |
| Windows 10 Version 21H2 for ARM64-based Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.4529 |
Yes | 5039211 |
| Windows 10 Version 21H2 for x64-based Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19044.4529 |
Yes | 5039211 |
| Windows 10 Version 22H2 for 32-bit Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.4529 |
Yes | 5039211 |
| Windows 10 Version 22H2 for ARM64-based Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.4529 |
Yes | 5039211 |
| Windows 10 Version 22H2 for x64-based Systems | 5039211 (Security Update) | Important | Elevation of Privilege | 5037768 |
Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.19045.4529 |
Yes | 5039211 |
| Windows 11 version 21H2 for ARM64-based Systems | 5039213 (Security Update) | Important | Elevation of Privilege | 5037770 |
Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22000.3019 |
Yes | 5039213 |
| Windows 11 version 21H2 for x64-based Systems | 5039213 (Security Update) | Important | Elevation of Privilege | 5037770 |
Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22000.3019 |
Yes | 5039213 |
| Windows 11 Version 22H2 for ARM64-based Systems | 5039212 (Security Update) | Important | Elevation of Privilege | 5037771 | Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22621.3737 | Yes | None |
| Windows 11 Version 22H2 for x64-based Systems | 5039212 (Security Update) | Important | Elevation of Privilege | 5037771 | Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22621.3737 | Yes | None |
| Windows 11 Version 23H2 for ARM64-based Systems | 5039212 (Security Update) | Important | Elevation of Privilege | 5037771 | Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22631.3737 | Yes | None |
| Windows 11 Version 23H2 for x64-based Systems | 5039212 (Security Update) | Important | Elevation of Privilege | 5037771 | Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.22631.3737 | Yes | None |
| Windows Server 2019 | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| Windows Server 2019 (Server Core installation) | 5039217 (Security Update) | Important | Elevation of Privilege | 5037765 | Base: 7 Temporal: 6.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
10.0.17763.5936 | Yes | None |
| CVE ID | Acknowledgements |
| CVE-2024-35265 | goodbyeselene |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2024-37325
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Azure Science Virtual Machine (DSVM) Elevation of Privilege Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:8.1/TemporalScore:7.3
Executive Summary: None FAQ: What actions do customers need to take to protect themselves from this vulnerability? Only customers using Linux/Ubuntu Data Science Virtual Machines (DSVM) with versions prior to 24.05.24 may be affected. For guidance on how to update your resources, reference the following: Upgrade your Data Science Virtual Machine to Ubuntu 20.04. Customers who deploy DSVMs using CLI or scripts may also need to update the DSVM version specified in their deployment parameters. How could an attacker exploit this vulnerability? An unauthenticated attacker could send a specially crafted request to the target machine to gain access to credentials of authorized users. This could enable an attacker to impersonate the user and perform any operations the compromised user is permitted to perform. What privileges could be gained by an attacker who successfully exploited the vulnerability? An attacker who successfully exploited this vulnerability could gain the privileges of the compromised user. According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to gather information specific to the environment of the targeted component. Mitigations: None Workarounds: None Revision: 1.0    06/11/2024     Information published. |
Important | Elevation of Privilege | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2024-37325 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Azure Data Science Virtual Machines for Linux | Release Notes (Security Update) | Important | Elevation of Privilege | None | Base: 8.1 Temporal: 7.3 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C |
24.05.24 | Yes | None |
| CVE ID | Acknowledgements |
| CVE-2024-37325 | Yanir Tsarimi |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||||||||||||||
| CVE-2024-30058
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Microsoft Edge (Chromium-based) Spoofing Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:5.4/TemporalScore:4.7
Executive Summary: None FAQ: According to the CVSS metric, successful exploitation of this vulnerability could lead to some loss of confidentiality (C:L)? What does that mean for this vulnerability? Limited information from the victim's browser associated with the vulnerable URL can be sent to the attacker by the malicious code. What kind of security feature could be bypassed by successfully exploiting this vulnerability? An attacker who successfully exploited this vulnerability could bypass the permissions dialog feature prompt presented to users when initiating a download. According to the CVSS metric, successful exploitation of this vulnerability could lead to some loss of integrity (I:L)? What does that mean for this vulnerability? The attacker is only able to modify the content of the vulnerable link to redirect the victim to a malicious site. According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do? The user would have to click on a specially crafted URL to be compromised by the attacker.
Mitigations: None Workarounds: None Revision: 1.0    06/13/2024     Information published. |
Low | Spoofing | ||||||||||||||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2024-30058 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Microsoft Edge (Chromium-based) | Release Notes (Security Update) | Low | Spoofing | None | Base: 5.4 Temporal: 4.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C |
126.0.2592.56 | No | None |
| CVE ID | Acknowledgements |
| CVE-2024-30058 | Narendra Bhati with Lead Penetration Tester at Suma Soft Pvt. Ltd. India |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||||||||||||||
| CVE-2024-30057
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Microsoft Edge for iOS Spoofing Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:5.4/TemporalScore:4.7
Executive Summary: None FAQ: According to the CVSS metric, successful exploitation of this vulnerability could lead to some loss of integrity (I:L)? What does that mean for this vulnerability? The attacker is only able to modify the content of the vulnerable link to redirect the victim to a malicious site. According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do? The user would have to click on a specially crafted URL to be compromised by the attacker. According to the CVSS metric, successful exploitation of this vulnerability could lead to some loss of confidentiality (C:L)? What does that mean for this vulnerability? Limited information from the victim's browser associated with the vulnerable URL can be sent to the attacker by the malicious code. What kind of security feature could be bypassed by successfully exploiting this vulnerability? An attacker who successfully exploited this vulnerability could bypass the permissions dialog feature prompt presented to users when initiating a download.
Mitigations: None Workarounds: None Revision: 1.0    06/13/2024     Information published. |
Low | Spoofing | ||||||||||||||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2024-30057 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Microsoft Edge for iOS | Release Notes (Security Update) | Low | Spoofing | None | Base: 5.4 Temporal: 4.7 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C |
126.0.2592.56 | No | None |
| CVE ID | Acknowledgements |
| CVE-2024-30057 | Narendra Bhati with Lead Penetration Tester at Suma Soft Pvt. Ltd. India |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||
| CVE-2024-6290
MITRE NVD Issuing CNA: Chrome |
CVE Title: Chromium: CVE-2024-6290 Use after free in Dawn
CVSS: None Executive Summary: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ:
Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. How can I see the version of the browser?
Mitigations: None Workarounds: None Revision: 1.0    06/27/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-6290 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Microsoft Edge (Chromium-based) | Release Notes (Security Update) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
126.0.2592.8 | No | None |
| CVE ID | Acknowledgements |
| CVE-2024-6290 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||
| CVE-2024-6293
MITRE NVD Issuing CNA: Chrome |
CVE Title: Chromium: CVE-2024-6293 Use after free in Dawn
CVSS: None Executive Summary: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ:
Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. How can I see the version of the browser?
Mitigations: None Workarounds: None Revision: 1.0    06/27/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-6293 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Microsoft Edge (Chromium-based) | Release Notes (Security Update) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
126.0.2592.8 | No | None |
| CVE ID | Acknowledgements |
| CVE-2024-6293 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||
| CVE-2024-6292
MITRE NVD Issuing CNA: Chrome |
CVE Title: Chromium: CVE-2024-6292 Use after free in Dawn
CVSS: None Executive Summary: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ:
Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. How can I see the version of the browser?
Mitigations: None Workarounds: None Revision: 1.0    06/27/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-6292 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Microsoft Edge (Chromium-based) | Release Notes (Security Update) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
126.0.2592.8 | No | None |
| CVE ID | Acknowledgements |
| CVE-2024-6292 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||
| CVE-2024-6291
MITRE NVD Issuing CNA: Chrome |
CVE Title: Chromium: CVE-2024-6291 Use after free in Swiftshader
CVSS: None Executive Summary: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ:
Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. How can I see the version of the browser?
Mitigations: None Workarounds: None Revision: 1.0    06/27/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-6291 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Microsoft Edge (Chromium-based) | Release Notes (Security Update) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
126.0.2592.8 | No | None |
| CVE ID | Acknowledgements |
| CVE-2024-6291 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||
| CVE-2024-34122
MITRE NVD Issuing CNA: Adobe |
CVE Title: Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
CVSS: None Executive Summary: None FAQ:
Why is this Adobe CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Adobe Software which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. How can I see the version of the browser?
Mitigations: None Workarounds: None Revision: 1.0    06/27/2024     Information published. |
Moderate | Remote Code Execution |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2024-34122 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Microsoft Edge (Chromium-based) | Release Notes (Security Update) | Moderate | Remote Code Execution | None | Base: N/A Temporal: N/A Vector: N/A |
126.0.2592.8 | No | None |
| CVE ID | Acknowledgements |
| CVE-2024-34122 | 0x140ce |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||
| CVE-2024-30052
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Visual Studio Remote Code Execution Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:4.7/TemporalScore:4.1
Executive Summary: None FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to gather information specific to the environment of the targeted component. According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution? The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. For example, when the score indicates that the Attack Vector is Local and User Interaction is Required, this could describe an exploit in which an attacker, through social engineering, convinces a victim to download and open a specially crafted file from a website which leads to a local attack on their computer. Mitigations: None Workarounds: None Revision: 1.0    06/11/2024     Information published. |
Important | Remote Code Execution | ||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2024-30052 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8) | Release Notes (Security Update) | Important | Remote Code Execution | None | Base: 4.7 Temporal: 4.1 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C |
15.9.63 | Maybe | None |
| Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10) | Release Notes (Security Update) | Important | Remote Code Execution | None | Base: 4.7 Temporal: 4.1 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C |
16.11.37 | Maybe | None |
| Microsoft Visual Studio 2022 version 17.10 | Release Notes (Security Update) | Important | Remote Code Execution | None | Base: 4.7 Temporal: 4.1 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C |
17.10.2 | Maybe | None |
| Microsoft Visual Studio 2022 version 17.4 | Release Notes (Security Update) | Important | Remote Code Execution | None | Base: 4.7 Temporal: 4.1 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C |
17.4.20 | Maybe | None |
| Microsoft Visual Studio 2022 version 17.6 | Release Notes (Security Update) | Important | Remote Code Execution | None | Base: 4.7 Temporal: 4.1 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C |
17.6.16 | Maybe | None |
| Microsoft Visual Studio 2022 version 17.8 | Release Notes (Security Update) | Important | Remote Code Execution | None | Base: 4.7 Temporal: 4.1 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C |
17.8.11 | Maybe | None |
| CVE ID | Acknowledgements |
| CVE-2024-30052 | goodbyeselene |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||
| CVE-2024-5846
MITRE NVD Issuing CNA: Chrome |
CVE Title: Chromium: CVE-2024-5846 Use after free in PDFium
CVSS: None Executive Summary: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. How can I see the version of the browser?
Mitigations: None Workarounds: None Revision: 1.0    06/13/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-5846 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Microsoft Edge (Chromium-based) | Release Notes (Security Update) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
126.0.2592.56 | No | None |
| CVE ID | Acknowledgements |
| CVE-2024-5846 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||
| CVE-2024-5847
MITRE NVD Issuing CNA: Chrome |
CVE Title: Chromium: CVE-2024-5847 Use after free in PDFium
CVSS: None Executive Summary: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. How can I see the version of the browser?
Mitigations: None Workarounds: None Revision: 1.0    06/13/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-5847 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Microsoft Edge (Chromium-based) | Release Notes (Security Update) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
126.0.2592.56 | No | None |
| CVE ID | Acknowledgements |
| CVE-2024-5847 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||
| CVE-2024-5845
MITRE NVD Issuing CNA: Chrome |
CVE Title: Chromium: CVE-2024-5845 Use after free in Audio
CVSS: None Executive Summary: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. FAQ: Why is this Chrome CVE included in the Security Update Guide? The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. How can I see the version of the browser?
Mitigations: None Workarounds: None Revision: 1.0    06/13/2024     Information published. |
Unknown | Unknown |
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Not Found | Not Found | Not Found |
The following tables list the affected software details for the vulnerability.
| CVE-2024-5845 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Microsoft Edge (Chromium-based) | Release Notes (Security Update) | Unknown | Unknown | None | Base: N/A Temporal: N/A Vector: N/A |
126.0.2592.56 | No | None |
| CVE ID | Acknowledgements |
| CVE-2024-5845 | None |
| CVE ID | Vulnerability Description | Maximum Severity Rating | Vulnerability Impact | ||||||||||||||||||||||||||||||||||||||||||||||||
| CVE-2024-38083
MITRE NVD Issuing CNA: Microsoft |
CVE Title: Microsoft Edge (Chromium-based) Spoofing Vulnerability
CVSS: CVSS:3.1 Highest BaseScore:4.3/TemporalScore:3.8
Executive Summary: None FAQ: According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do? The user would have to click on a specially crafted URL to be compromised by the attacker. According to the CVSS metric, successful exploitation of this vulnerability could lead to some loss of integrity (I:L)? What does that mean for this vulnerability? An attacker who successfully exploited this vulnerability could cover and spoof elements of the UI. The modified information is only visual.
Mitigations: None Workarounds: None Revision: 1.0    06/13/2024     Information published. |
Moderate | Spoofing | ||||||||||||||||||||||||||||||||||||||||||||||||
The following table provides an exploitability assessment for this vulnerability at the time of original publication.
| Exploitability Assessment | Publicly Disclosed | Exploited |
| Exploitation Less Likely | No | No |
The following tables list the affected software details for the vulnerability.
| CVE-2024-38083 | ||||||||
| Product | KB Article | Severity | Impact | Supercedence | CVSS Score Set | Fixed Build | Restart Required | Known Issue |
| Microsoft Edge for Android | Release Notes (Security Update) | Moderate | Spoofing | None | Base: 4.3 Temporal: 3.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C |
126.0.2592.56 | No | None |
| Microsoft Edge for iOS | Release Notes (Security Update) | Moderate | Spoofing | None | Base: 4.3 Temporal: 3.8 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C |
126.0.2592.56 | No | None |
| CVE ID | Acknowledgements |
| CVE-2024-38083 | Renwa (@RenwaX23) |